
Chapter 5 SAD

Chapter 5 discusses system integrity and security design, emphasizing the importance of controlling access to information and preventing unauthorized activities. It outlines the three main goals of system security: confidentiality, integrity, and availability, and provides guidelines for implementing security measures, including user management and application security. The chapter also highlights potential risks and threats to database management systems and suggests employing multiple security techniques to mitigate these risks.

Uploaded by heni

CHAPTER 5

SYSTEM INTEGRITY AND SECURITY DESIGN

Compiled by Dagmawi Fetene


SYSTEM SECURITY

• System security ensures that only authorized users can perform authorized activities at authorized times

SYSTEM SECURITY

• Database security is about controlling access to information
  - Some information should be available freely
  - Other information should only be available to certain people or groups
• Many aspects to consider for security
  - Legal issues
  - Physical security
  - OS/Network security
  - Security policies and protocols
  - Encryption and passwords
  - DBMS security

SECURITY BREACHES
• Data observation
  - Results in disclosure of information to users not entitled to gain access to such information
• Incorrect data modification
  - Results in an incorrect database state
• Data unavailability
  - Results in productivity loss

THREE GOALS OF SYSTEM SECURITY
1. Secrecy or confidentiality
  - Refers to the protection of data against unauthorized disclosure
2. Integrity
  - Refers to the prevention of unauthorized and improper data modification
3. Availability
  - Refers to the prevention and recovery from hardware and software errors and from malicious data access denial making the database system unavailable

IMPLEMENTING SYSTEM SECURITY
• Developing system security
  - Determine users' processing rights and responsibilities
  - Enforce security requirements using security features from both DBMS and application programs

DBMS SECURITY (PASSWORD, GROUPS)
• DBMS products provide security facilities
• They limit certain actions on certain objects to certain users or groups (also called roles)
• Almost all DBMS products use some form of user name and password security
• Planning
  - Develop a security plan for preventing and detecting security problems
  - Create procedures for security emergencies and practice them
• Internal vs External
  - Some threats are external but many are internal

SYSTEM SECURITY GUIDELINES
• Run DBMS behind a firewall, but plan as though the firewall has been breached
• Apply the latest operating system and DBMS service packs and fixes
• Use the least functionality possible
  - Support the fewest network protocols possible
  - Delete unnecessary or unused system stored procedures
  - Disable default logins and guest users, if possible
  - Unless required, never allow all users to log on to the DBMS interactively
• Protect the computer that runs the DBMS
  - No user allowed to work at the computer that runs the DBMS
  - DBMS computer physically secured behind locked doors
  - Access to the room containing the DBMS computer should be recorded in a log

SYSTEM SECURITY GUIDELINES
• Manage accounts and passwords
  - Use a low privilege user account for the DBMS service
  - Protect database accounts with strong passwords
  - Monitor failed login attempts
  - Frequently check group and role memberships
  - Audit accounts with null passwords
  - Assign accounts the lowest privileges possible
  - Limit DBA account privileges

EXAMPLE: ROW LEVEL ACCESS
• Row level security restricts user access at the row (record) level
  - Restricts user access to view or modify the rows of data

APPLICATION SECURITY
• If DBMS security features are inadequate, additional security code could be written in the application program
  - Application security in Internet applications is often provided on the Web server computer
• However, you should use the DBMS security features first
  - The closer the security enforcement is to the data, the less chance there is for infiltration
  - DBMS security features are faster, cheaper, and probably result in higher quality results than developing your own

SYSTEM AUDITING
• Auditing is the process of tracking who accesses the database and the resources accessed
• Done by writing to a log file
• What is tracked:
  - User login/logout
  - Data accessed

DBMS SECURITY SUPPORT
• DBMS can provide some security
  - Each user has an account, username and password
  - These are used to identify a user and control their access to information
• DBMS verifies password and checks a user's permissions when they try to
  - Retrieve data
  - Modify data
  - Modify the database structure

PERMISSIONS AND PRIVILEGE
• SQL uses privileges to control access to tables and other database objects
  - SELECT privilege
  - INSERT privilege
  - UPDATE privilege
  - DELETE privilege
• The owner (creator) of a database has all privileges on all objects in the database, and can grant these to others
• The owner (creator) of an object has all privileges on that object and can pass them on to others

PRIVILEGES IN SQL
    GRANT <privileges>
    ON <object>
    TO <users>
    [WITH GRANT OPTION]

• <privileges> is a list of SELECT <columns>, INSERT <columns>, DELETE, and UPDATE <columns>, or simply ALL
• <object> is the name of a table or view (later)
• <users> is a list of user names or PUBLIC
• WITH GRANT OPTION means that the users can pass their privileges on to others

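An added example, not part of the original slides, that combines the GRANT syntax above with the row level access described earlier. It assumes PostgreSQL; the `account` table and the roles `clerk`, `auditor` and `alice` are hypothetical names constructed for illustration.

```sql
-- Added example (PostgreSQL assumed). Table and role names are hypothetical.
CREATE ROLE clerk   NOLOGIN;              -- group (role) that carries the privileges
CREATE ROLE auditor NOLOGIN;
CREATE ROLE alice   LOGIN IN ROLE clerk;  -- individual user, member of the group

CREATE TABLE account (
    id      integer PRIMARY KEY,
    owner   text    NOT NULL,   -- database user responsible for this row
    holder  text    NOT NULL,
    balance numeric NOT NULL
);

-- Least privilege: remove any blanket access, then grant only what is needed.
REVOKE ALL ON account FROM PUBLIC;
GRANT SELECT          ON account TO clerk;
GRANT UPDATE (holder) ON account TO clerk;   -- column list: balance stays read-only

-- WITH GRANT OPTION lets auditor pass SELECT on to others, so use it sparingly.
GRANT SELECT ON account TO auditor WITH GRANT OPTION;

-- Row level access: members of clerk see and modify only the rows they own.
ALTER TABLE account ENABLE ROW LEVEL SECURITY;
CREATE POLICY clerk_own_rows ON account
    FOR ALL TO clerk
    USING      (owner = current_user)   -- filters rows read, updated or deleted
    WITH CHECK (owner = current_user);  -- rejects writes that hand a row to someone else

-- With row security enabled, a role without a policy sees no rows at all,
-- so the auditor needs an explicit read-only policy.
CREATE POLICY auditor_read_all ON account
    FOR SELECT TO auditor
    USING (true);

-- The table owner is exempt from policies unless FORCE is set
-- (superusers and BYPASSRLS roles are always exempt).
ALTER TABLE account FORCE ROW LEVEL SECURITY;

-- Periodic review: who holds which table privilege, and who can pass it on?
-- (Column-level grants are listed in information_schema.column_privileges.)
SELECT grantee, privilege_type, is_grantable
FROM information_schema.table_privileges
WHERE table_name = 'account'
ORDER BY grantee, privilege_type;
```
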
DATABASE INTEGRITY
• Security vs Integrity
  - Database security makes sure that the user is authorised to access information
  - Database integrity makes sure that (authorised) users use that information correctly
• Integrity constraints
  - Domain constraints apply to data types
  - Attribute constraints apply to columns
  - Relation constraints apply to rows in a single table
  - Database constraints apply between tables

DATABASE CONSTRAINTS
• Database constraints are similar but refer to several tables
• Example: Given tables student and enrolment, make sure no CS student takes more than 12 modules

    Student:   ID | Name | Department
    Enrolment: ID | Code

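The 12-module rule spans two tables, and PostgreSQL does not allow subqueries in a CHECK constraint, so one way to enforce it is a trigger. This is an added example, not part of the original slides; it assumes PostgreSQL 11 or later, and the function name, trigger name, column types and sample rows are hypothetical.

```sql
-- Added example (PostgreSQL assumed). Function and trigger names are hypothetical.
CREATE TABLE Student (
    ID         integer PRIMARY KEY,
    Name       text NOT NULL,
    Department text NOT NULL
);
CREATE TABLE Enrolment (
    ID   integer NOT NULL REFERENCES Student (ID),
    Code text    NOT NULL,
    PRIMARY KEY (ID, Code)
);

CREATE FUNCTION enforce_cs_module_limit() RETURNS trigger AS $$
DECLARE
    dept    text;
    modules integer;
BEGIN
    -- Serialise concurrent enrolments for the same student; without this, two
    -- sessions could each see 11 existing rows and both insert, leaving 13.
    PERFORM pg_advisory_xact_lock(NEW.ID);

    SELECT s.Department INTO dept FROM Student s WHERE s.ID = NEW.ID;
    IF dept = 'CS' THEN
        SELECT count(*) INTO modules FROM Enrolment e WHERE e.ID = NEW.ID;
        IF modules >= 12 THEN
            RAISE EXCEPTION 'CS student % already takes 12 modules', NEW.ID;
        END IF;
    END IF;
    RETURN NEW;   -- let the insert proceed
END;
$$ LANGUAGE plpgsql;

CREATE TRIGGER cs_module_limit
BEFORE INSERT ON Enrolment
FOR EACH ROW EXECUTE FUNCTION enforce_cs_module_limit();

-- Constructed sample data: one CS student with twelve modules, then a thirteenth.
INSERT INTO Student VALUES (1, 'Sample Student', 'CS');
INSERT INTO Enrolment SELECT 1, 'M' || g FROM generate_series(1, 12) AS g;
INSERT INTO Enrolment VALUES (1, 'M13');
```

The last INSERT raises the exception and is rolled back. The trigger covers inserts only; changing a student's Department to CS or re-pointing an Enrolment row to another ID would need the same check on those statements.
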
CHECK EXAMPLE
• To add a check on the Employee table to make sure no employee's bonus is more than 15% of their salary:

    ALTER TABLE Employee
    ADD CONSTRAINT checkSalaryBonus
    -- <= so that a bonus of exactly 15% of salary is still accepted
    CHECK (Bonus <= 0.15*Salary);

DATA - INFORMATION - IS VALUABLE
• Many enterprises depend on secure & reliable DBMSs:
  - Banks, the stock exchange, airlines, hospitals, ...
• DBMS systems may be at risk from situations such as:
  - Theft, fraud
  - Loss of confidentiality (business secrets) – loss of competitiveness
  - Loss of privacy (personal information) – legal implications
  - Loss of integrity – corrupted data
  - Loss of availability
• Insecure DBMS worse than having no DBMS at all
  - Low staff confidence
  - Low customer confidence

POTENTIAL SOURCES OF RISK - THREATS
• Examples of hardware & software threats are:
  - Hardware - breakdown, theft, fire, flood, power loss...
  - Software - bugs, unexpected features (includes OS)
  - Communications - wiretapping, packet sniffers, packet loss
• Probably the greatest threats are from people:
  - Programmers - insecure code
  - DBAs - trapdoors, fake accounts
  - Users - mistakes, hacking, blackmail

COMMON SECURITY MEASURES
• Authorization - privileges, views
• Authentication - passwords
• Verification - digital signatures/certificates
• Encryption - public key / private key, secure sockets
• Integrity – IEF (Integrity Enhancement Features), transactions
• Backups - offsite backups, journaling, log files
• RAID (Redundant Array of Independent Discs) discs - data duplication, "hot swap" discs
• Physical - data centres, alarms, guards, UPS
• Logical - firewalls, net proxies
• Note: The security of a component is as good as the security of the weakest link in the whole system

DIGITAL SIGNATURES
• Digital signatures (RSA in reverse):
  - Establishes authenticity of a document

    "Hi, this message is in clear text but if
    anyone changes even a single byte, you will
    be able to tell that the message is not the
    original from the digital signature below,
    signed with my private key. Yours, D."

    BEGIN SIGNATURE
    P4`341uy2rl34iut1lf,jbf,KPP98$\%\#!\$"BV!"X#
    END SIGNATURE

• Problem: How can we verify authenticity of sender ??

FIREWALLS
[Diagram: The Internet, a Firewall, and an Internal Network containing two Internal Clients and a DBMS Server]

• Firewalls block unauthorised external network access
• Firewalls may limit access to the internet for 'internal' machines

FIREWALL TECHNIQUES
• Use a proxy server to hide internal network addresses:
  [Diagram: a Proxy between the external address 22.33.44.55 and the hidden internal address SE.CR.ET.!!]
• General guidelines:
  - Disable all user accounts on all Bastion machines
  - Preferably, run only one type of service on each Bastion machine
• Software firewalls:
  - Can have "all-software" firewalls (packet filters)
  - Until MS-Blast virus, Microsoft shipped Windows-XP with firewall off by default!!

SUMMARY
• The best security comes from using multiple techniques:
  - People - authorisation/authentication, "need-to-know"
  - Physical - protect the hardware, RAID discs, backups
  - Network - use firewalls, encryption
  - Software – "good programming practice", main CS responsibility
• For any given system:
  - Consider the different sources of risk (threats)...
  - Balance the cost of implementing security measures vs cost of any loss!!
