DISCRETIONARY ACCESS CONTROL. Tran Thi Que Nguyet Faculty of Computer Science & Engineering HCMC University of Technology ttqnguyet@cse.hcmut.edu.
|
|
- Justina Kennedy
- 8 years ago
- Views:
Transcription
1 DISCRETIONARY ACCESS CONTROL Tran Thi Que Nguyet Faculty of Computer Science & Engineering HCMC University of Technology
2 Outline Introduction to Discretionary Access Control Propose Models for DAC SQL for Data Control DAC & Information Flow Controls Homework: Case study in SQL Server 2008 Reading chapter 4 Access control for Databases: Concepts and Systems. Elisa Bertino, et al. 2 2
3 Introduction to DAC Discretionary Access Control (DAC): User can protect what they own. The owner is given all privileges on their own data. The owner can define the type of access (read/write/execute/ ) and grant access to others. The typical method of enforcing DAC in a database system is based on the granting and revoking privileges 3 3
4 Introduction to DAC Types of Discretionary Privileges: The account/system level: The administrator specifies the particular privileges that each account holds independently of the objects in the database system. The object level: The administrator can control the privilege to access each individual object in the database system. 4 4
5 Introduction to DAC The account/system level privileges (example) CREATE SCHEMA CREATE TABLE CREATE VIEW ALTER DROP MODIFY SELECT 5
6 Introduction to DAC The object level privileges Data objects: relation or view Includes: INSERT UPDATE DELETE DELETE REFERENCE 6
7 Outline Introduction to Discretionary Access Control Propose Models for DAC SQL for Data Control DAC & Information Flow Controls 7 7
8 Proposed Models for DAC General definition: security model Access matrix model Take-Grant model 8 8
9 Security model A security model provides a semantically rich representation in that it allows functional and structural properties of the security system to be described. A security model describes the protection needs of the system. It is a high-level, software-independent, conceptual model. Types of security model Discretionary model: DAC model govern access of users to the information on the basis of the users identity and of rules that specify, for each user and object in the system, the types of access the user is allowed for the object. The request of a user to access an object is checked against the specified authorizations. Non-discretionary model 9
10 Access matrix model An access matrix is a matrix correlating the subjects, objects and the authorizations owned by each subject on each object. Authorization state: Q=(S,O,A) S (Subjects): a set of subjects or active entities that use system resources. Ex: user, group, process O (Objects): a set of passive objects which must be protected such as subjects and system resources Ex: OS level: file, memory, segments, process. DB level: database, relation, attribute, record, field 10
11 Access matrix model Authorization state: Q=(S,O,A) A: Access matrix Row: subjects Column: objects A[s,o]: access mode For DBs, A[s,o] also includes conditions that must be satisfied in order for s to exercise the access modes Possible conditions: data-dependent (sal<1000), time-dependent (8:00am- 5:00pm), context-dependent ( namesalary pair is prohibited), historydependent, S1 Si Sn O1 Oi Om A[s1,o 1] A[si,o1] A[sn,o 1] A[s1,o i] A[si,oi ] A[sn,o i] A[s1,om ] A[si,om] A[sn,om ] 11
12 Access matrix model Asset 1 Asset 2 file device Role 1 read, write, execute, own execute read write Role 2 read read, write, execute, own 12
13 Access matrix model Model implementation: S {(O,A)}: capability list Alice {(file X, {read, delete}), (file Y, {update})} O {(S,A)}: ACL (access control list) File X {(Alice, {read, delete}), (Bob, {read})} Each entry in the list specifies a subject and operation(s): for example, the entry (Alice, delete) on the ACL for file X gives Alice permission to delete file X Advantages & disadvantages of the two above & the model? Capability list: compute a set of subjects granted access on a given object all lists must be gone through ACL: find all objects a subject can access 13
14 (a) <S i, O j, A[S i, O j ]> (b) CL (c) ACL 14
15 Take-Grant model Authorization state: G=(S,O,E) V=S U O is the set of vertexes, S O = Ф E is the set of labelled arcs take(d,s,x,y): the subject s takes the right d on the object/subject y from the object/subject x s t x s t x d take(d,s,x,y) d d y y 15 15
16 Take-Grant model grant(d,s,x,y): the subject s grants the right d on the object/subject y to the object/subject x s g x s g x d grant(d,s,x,y) d d y y 16 16
17 Take-Grant model Access modes: read, write, take, grant Read, write: inert rights Take, grant: transport rights Other rights Create(s, x): subject s creates object x (The arc is labelled with p, possess) remove p (s, x): The possess right p on a subject/an object x is removed from a subject s. This model is classifiable as an access matrix model Disadvantages? 17 17
18 Take-Grant model Disadvantages: Non-selectivity of administrative rights: all authorizations of S owning a GRANT authorization can be transferred, and all authorizations of O/S on which a TAKE right is held can be taken No control on propagation of authorizations Non locality: S owning the grant privilege on O can give any of its privileges to O, thus augmenting the domain of O (the set of authorizations associated to O) Reversibility of the privileges transport flow 18 18
19 Other models Acten (Action-Entity) model Wood et al. model See [S. Castano, M. Fugini, G. Martella, and P. Samarati (1995). Database Security, ACM Press & Addison-Wesley, ISBN ] + Internet 19 19
20 Outline Introduction to Discretionary Access Control Propose Models for DAC SQL for Data Control DAC & Information Flow Controls 20 20
21 SQL for Data Control Commands: GRANT REVOKE Based on three central objects: Users Database objects Privileges: select, modify (insert, update, delete), reference 21 21
22 SQL for Data Control GRANT: pass privileges on their own database objects to other users GRANT <privilege list> ON TO <database objects> <user list> REVOKE: take back (cancel) privileges on their own database objects from other users REVOKE <privilege list> ON FROM <database objects> <user list> 22 22
23 SQL for Data Control Propagation of Privileges using the GRANT OPTION Whenever the owner A of a relation R grants a privilege on R to another account B, privilege can be given to B with or without the GRANT OPTION. If the GRANT OPTION is given, this means that B can also grant that privilege on R to other accounts
24 Limit horizontal propagation 24
25 Limit Vertical Propagation 25
26 Revocation of authorization (b) B revokes D s privilege (cascade) 26
27 SQL for Data Control DAC with views (virtual relations) If the owner A of a relation R wants another account B to be able to retrieve only some fields of R, then A can create a view V of R that includes only those attributes and then grant SELECT on V to B. The same applies to limiting B to retrieving only certain tuples of R; a view V can be created by defining the view by means of a query that selects only those tuples from R that A wants to allow B to access. 27
28 An Example Suppose that the DBA creates four accounts A1, A2, A3, A4 and wants only A1 to be able to create base relations. Then the DBA must issue the following GRANT command in SQL GRANT CREATETAB TO A1; In SQL2 the same effect can be accomplished by having the DBA issue a CREATE SCHEMA command as follows: CREATE SCHEMA EXAMPLE AUTHORIZATION A1; 28 28
29 An Example(2) User account A1 can create tables under the schema called EXAMPLE. Suppose that A1 creates the two base relations EMPLOYEE and DEPARTMENT A1 is then owner of these two relations and hence all the relation privileges on each of them. Suppose that A1 wants to grant A2 the privilege to insert and delete tuples in both of these relations, but A1 does not want A2 to be able to propagate these privileges to additional accounts: GRANT INSERT, DELETE ON EMPLOYEE, DEPARTMENT TO A2; 29 29
30 An Example(3) 30 30
31 An Example(4) Suppose that A1 wants to allow A3 to retrieve information from either of the two tables and also to be able to propagate the SELECT privilege to other accounts. A1 can issue the command: GRANT SELECT ON EMPLOYEE, DEPARTMENT TO A3 WITH GRANT OPTION; A3 can grant the SELECT privilege on the EMPLOYEE relation to A4 by issuing: GRANT SELECT ON EMPLOYEE TO A4; Notice that A4 can t propagate the SELECT privilege because GRANT OPTION was not given to A
32 An Example(5) Suppose that A1 decides to revoke the SELECT privilege on the EMPLOYEE relation from A3; A1 can issue: REVOKE SELECT ON EMPLOYEE FROM A3; The DBMS must now automatically revoke the SELECT privilege on EMPLOYEE from A4, too, because A3 granted that privilege to A4 and A3 does not have the privilege any more
33 An Example(6) Suppose that A1 wants to give back to A3 a limited capability to SELECT from the EMPLOYEE relation and wants to allow A3 to be able to propagate the privilege. The limitation is to retrieve only the NAME, BDATE, and ADDRESS attributes and only for the tuples with DNO=5. A1 then create the view: CREATE VIEW A3EMPLOYEE AS SELECT NAME, BDATE, ADDRESS FROM EMPLOYEE WHERE DNO = 5; After the view is created, A1 can grant SELECT on the view A3EMPLOYEE to A3 as follows: GRANT SELECT ON A3EMPLOYEE TO A3 WITH GRANT OPTION; 33 33
34 An Example(7) Finally, suppose that A1 wants to allow A4 to update only the SALARY attribute of EMPLOYEE; A1 can issue: GRANT UPDATE ON EMPLOYEE (SALARY) TO A4; The UPDATE or INSERT privilege can specify particular attributes that may be updated or inserted in a relation. Other privileges (SELECT, DELETE) are not attribute specific
35 Outline Introduction to Discretionary Access Control Propose Models for DAC SQL for Data Control DAC & Information Flow Controls 35 35
36 DAC & INFORMATION FLOW CONTROLS Inherent weakness of DAC: Unrestricted DAC allows information from an object which can be read by a subject to be written to any other object Bob is denied access to file A, so he asks cohort Alice to copy A to B that he can access Suppose our users are trusted not to do this deliberately. It is still possible for Trojan Horses to copy information from one object to another
37 Trojan horse Example 37 37
38 Trojan horse Example 38 38
39 Trojan horse Example 39 39
40 40 40
Chapter 23. Database Security. Security Issues. Database Security
Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database
More informationDatabase Security. Sarajane Marques Peres, Ph.D. University of São Paulo www.each.usp.br/sarajane
Database Security Sarajane Marques Peres, Ph.D. University of São Paulo www.each.usp.br/sarajane Based on Elsmari x Navathe / Silberschatz, Korth, Sudarshan s books Types of security Legal and ethical
More informationITM661 Database Systems. Database Security and Administration
ITM661 Database Systems Database Security and Administration Outline Introduction to Database Security Issues Types of Security Threats to databases Database Security and DBA Access Protection, User Accounts,
More informationAccess Control Basics. Murat Kantarcioglu
UT DALLAS Erik Jonsson School of Engineering & Computer Science Access Control Basics Murat Kantarcioglu Access Control - basic concepts An access control system regulates the operations that can be executed
More informationCOSC344 Database Theory and Applications. Lecture 23 Security and Auditing. COSC344 Lecture 23 1
COSC344 Database Theory and Applications Lecture 23 Security and Auditing COSC344 Lecture 23 1 Overview Last Lecture Indexing This Lecture Database Security and Auditing Security Mandatory access control
More informationDatabase Security and Authorization
Database Security and Authorization 1 Database Security and Authorization 1.1 Introduction to Database Security Issues 1.2 Types of Security 1.3 Database Security and DBA 1.4 Access Protection, User Accounts,
More informationIntroduction to Databases
Page 1 of 5 Introduction to Databases An introductory example What is a database? Why do we need Database Management Systems? The three levels of data abstraction What is a Database Management System?
More informationAccess Control Models Part I. Murat Kantarcioglu UT Dallas
UT DALLAS Erik Jonsson School of Engineering & Computer Science Access Control Models Part I Murat Kantarcioglu UT Dallas Introduction Two main categories: Discretionary Access Control Models (DAC) Definition:
More informationDatabase Security Sabrina De Capitani di Vimercati, Dip. Elettronica, Universita di Brescia, 25123 Brescia, Italy Pierangela Samarati, Dip. di Tecnologie dell'informazione, Universita di Milano, 26013
More informationCS377: Database Systems Data Security and Privacy. Li Xiong Department of Mathematics and Computer Science Emory University
CS377: Database Systems Data Security and Privacy Li Xiong Department of Mathematics and Computer Science Emory University 1 Principles of Data Security CIA Confidentiality Triad Prevent the disclosure
More informationDatabase Security. Soon M. Chung Department of Computer Science and Engineering Wright State University schung@cs.wright.
Database Security Soon M. Chung Department of Computer Science and Engineering Wright State University schung@cs.wright.edu 937-775-5119 Goals of DB Security Integrity: Only authorized users should be
More informationDatabase Security. The Need for Database Security
Database Security Public domain NASA image L-1957-00989 of people working with an IBM type 704 electronic data processing machine. 1 The Need for Database Security Because databases play such an important
More informationChapter 5 More SQL: Complex Queries, Triggers, Views, and Schema Modification
Chapter 5 More SQL: Complex Queries, Triggers, Views, and Schema Modification Copyright 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 5 Outline More Complex SQL Retrieval Queries
More informationDatabase Security. Chapter 21
Database Security Chapter 21 Introduction to DB Security Secrecy: Users should not be able to see things they are not supposed to. E.g., A student can t see other students grades. Integrity: Users should
More informationChapter 24. Database Security. Copyright 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley
Chapter 24 Database Security Copyright 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley 1 Introduction to Database Security Issues Types of Security Legal and ethical issues: privacy issues
More informationINFO/CS 330: Applied Database Systems
INFO/CS 330: Applied Database Systems Introduction to Database Security Johannes Gehrke johannes@cs.cornell.edu http://www.cs.cornell.edu/johannes Introduction to DB Security Secrecy:Users should not be
More informationWelcome to Information Systems Security (503009)
Welcome to (503009) Nguyen Thi Ai Thao Faculty of Computer Science & Engineering HCMC University of Technology thaonguyen@cse.hcmut.edu.vn Course Outline Week Lectures 1 Information systems security: basic
More informationIT2304: Database Systems 1 (DBS 1)
: Database Systems 1 (DBS 1) (Compulsory) 1. OUTLINE OF SYLLABUS Topic Minimum number of hours Introduction to DBMS 07 Relational Data Model 03 Data manipulation using Relational Algebra 06 Data manipulation
More informationRole Based Access Control (RBAC) Nicola Zannone
Role Based Access Control (RBAC) Nicola Zannone 1 DAC and MAC Discretionary Access Control (DAC) Access control determined by the owner of an object Oner can delegate access rights to other users Access
More informationSECURITY MODELS FOR OBJECT-ORIENTED DATA BASES
82-10-44 DATA SECURITY MANAGEMENT SECURITY MODELS FOR OBJECT-ORIENTED DATA BASES James Cannady INSIDE: BASICS OF DATA BASE SECURITY; Discretionary vs. Mandatory Access Control Policies; Securing a RDBMS
More informationSECURITY CHAPTER 24 (6/E) CHAPTER 23 (5/E)
SECURITY CHAPTER 24 (6/E) CHAPTER 23 (5/E) 2 LECTURE OUTLINE Threats and countermeasures Access control mechanisms SQL s grant and revoke Role of views 3 THREATS What are the threats? Loss of integrity
More informationRelational model. Relational model - practice. Relational Database Definitions 9/27/11. Relational model. Relational Database: Terminology
COS 597A: Principles of Database and Information Systems elational model elational model A formal (mathematical) model to represent objects (data/information), relationships between objects Constraints
More informationIn This Lecture. Security and Integrity. Database Security. DBMS Security Support. Privileges in SQL. Permissions and Privilege.
In This Lecture Database Systems Lecture 14 Natasha Alechina Database Security Aspects of security Access to databases Privileges and views Database Integrity View updating, Integrity constraints For more
More informationCSE543 - Introduction to Computer and Network Security. Module: Reference Monitor
CSE543 - Introduction to Computer and Network Security Module: Reference Monitor Professor Trent Jaeger 1 Living with Vulnerabilities So, software is potentially vulnerable In a variety of ways So, how
More informationIT2305 Database Systems I (Compulsory)
Database Systems I (Compulsory) INTRODUCTION This is one of the 4 modules designed for Semester 2 of Bachelor of Information Technology Degree program. CREDITS: 04 LEARNING OUTCOMES On completion of this
More informationRole-based access control. RBAC: Motivations
Role-based access control 1 RBAC: Motivations Complexity of security administration For large number of subjects and objects, the number of authorizations can become extremely large For dynamic user population,
More informationThe Relational Model. Why Study the Relational Model?
The Relational Model Chapter 3 Instructor: Vladimir Zadorozhny vladimir@sis.pitt.edu Information Science Program School of Information Sciences, University of Pittsburgh 1 Why Study the Relational Model?
More informationCIS 551 / TCOM 401 Computer and Network Security
CIS 551 / TCOM 401 Computer and Network Security Spring 2007 Lecture 3 1/18/07 CIS/TCOM 551 1 Announcements Email project groups to Jeff (vaughan2 AT seas.upenn.edu) by Jan. 25 Start your projects early!
More informationHow To Create A Table In Sql 2.5.2.2 (Ahem)
Database Systems Unit 5 Database Implementation: SQL Data Definition Language Learning Goals In this unit you will learn how to transfer a logical data model into a physical database, how to extend or
More informationDivision of IT Security Best Practices for Database Management Systems
Division of IT Security Best Practices for Database Management Systems 1. Protect Sensitive Data 1.1. Label objects containing or having dedicated access to sensitive data. 1.1.1. All new SCHEMA/DATABASES
More informationChapter 23. Database Security. Security Issues. Database Security
Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database
More informationRelational Database Basics Review
Relational Database Basics Review IT 4153 Advanced Database J.G. Zheng Spring 2012 Overview Database approach Database system Relational model Database development 2 File Processing Approaches Based on
More informationIntroduction to Computer Security
Introduction to Computer Security Access Control and Authorization Pavel Laskov Wilhelm Schickard Institute for Computer Science Resource access recapitulated 1. Identification Which object O requests
More informationTrusted RUBIX TM. Version 6. Multilevel Security in Trusted RUBIX White Paper. Revision 2 RELATIONAL DATABASE MANAGEMENT SYSTEM TEL +1-202-412-0152
Trusted RUBIX TM Version 6 Multilevel Security in Trusted RUBIX White Paper Revision 2 RELATIONAL DATABASE MANAGEMENT SYSTEM Infosystems Technology, Inc. 4 Professional Dr - Suite 118 Gaithersburg, MD
More informationDatabase Security Part 7
Database Security Part 7 Discretionary Access Control vs Mandatory Access Control Elisa Bertino bertino@cs.purdue.edu Discretionary Access Control (DAC) No precise definition Widely used in modern operating
More informationPart A: Data Definition Language (DDL) Schema and Catalog CREAT TABLE. Referential Triggered Actions. CSC 742 Database Management Systems
CSC 74 Database Management Systems Topic #0: SQL Part A: Data Definition Language (DDL) Spring 00 CSC 74: DBMS by Dr. Peng Ning Spring 00 CSC 74: DBMS by Dr. Peng Ning Schema and Catalog Schema A collection
More informationSecurity and Authorization. Introduction to DB Security. Access Controls. Chapter 21
Security and Authorization Chapter 21 Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke 1 Introduction to DB Security Secrecy: Users should not be able to see things they are not supposed
More informationBM482E Introduction to Computer Security
BM482E Introduction to Computer Security Lecture 7 Database and Operating System Security Mehmet Demirci 1 Summary of Lecture 6 User Authentication Passwords Password storage Password selection Token-based
More informationAccess Control. Dr George Danezis (g.danezis@ucl.ac.uk)
Access Control Dr George Danezis (g.danezis@ucl.ac.uk) Resources Key paper: Carl E. Landwehr: Formal Models for Computer Security. ACM Comput. Surv. 13(3): 247-278 (1981) See references to other optional
More informationBasic Concepts of Database Systems
CS2501 Topic 1: Basic Concepts 1.1 Basic Concepts of Database Systems Example Uses of Database Systems - account maintenance & access in banking - lending library systems - airline reservation systems
More informationLecture 6. SQL, Logical DB Design
Lecture 6 SQL, Logical DB Design Relational Query Languages A major strength of the relational model: supports simple, powerful querying of data. Queries can be written intuitively, and the DBMS is responsible
More informationOracle Database 10g Express
Oracle Database 10g Express This tutorial prepares the Oracle Database 10g Express Edition Developer to perform common development and administrative tasks of Oracle Database 10g Express Edition. Objectives
More informationSecure Database Development
Secure Database Development Jan Jurjens () and Eduardo B. Fernandez (2) () Computing Department, The Open University, Milton Keynes, MK7 8LA GB http://www.jurjens.de/jan (2) Dept. of Computer Science,
More informationAccess Control Features in Oracle. CS 590U April 7, 2005 Ji-Won Byun
Access Control Features in Oracle CS 590U April 7, 2005 Ji-Won Byun Access Control Features in Oracle Broadly, Oracle supports five features for access controls. 1. Privileges 2. Views 3. Stored Procedures
More informationThere are five fields or columns, with names and types as shown above.
3 THE RELATIONAL MODEL Exercise 3.1 Define the following terms: relation schema, relational database schema, domain, attribute, attribute domain, relation instance, relation cardinality, andrelation degree.
More informationICOM 6005 Database Management Systems Design. Dr. Manuel Rodríguez Martínez Electrical and Computer Engineering Department Lecture 2 August 23, 2001
ICOM 6005 Database Management Systems Design Dr. Manuel Rodríguez Martínez Electrical and Computer Engineering Department Lecture 2 August 23, 2001 Readings Read Chapter 1 of text book ICOM 6005 Dr. Manuel
More informationThe Relational Model. Ramakrishnan&Gehrke, Chapter 3 CS4320 1
The Relational Model Ramakrishnan&Gehrke, Chapter 3 CS4320 1 Why Study the Relational Model? Most widely used model. Vendors: IBM, Informix, Microsoft, Oracle, Sybase, etc. Legacy systems in older models
More information1 Handbook of Information Security Management (1994-95 Yearbook), Auerbach Publishers, 1994, pages 145-160. RELATIONAL DATABASE ACCESS CONTROLS Prof. Ravi S. Sandhu Center for Secure Information Systems
More informationDATABASE SECURITY MECHANISM
DATABASE SECURITY MECHANISM Dorin Iordache Lecturer eng., Romanian Naval Academy Mircea cel Bătrân Fulgerului nr.1, Constanta, 8700, Romania email: diordache@seanet.ro Abstract Database security was and
More informationCS143 Notes: Views & Authorization
CS143 Notes: Views & Authorization Book Chapters (4th) Chapter 4.7, 6.5-6 (5th) Chapter 4.2, 8.6 (6th) Chapter 4.4, 5.3 Views What is a view? A virtual table created on top of other real tables Almost
More informationA basic create statement for a simple student table would look like the following.
Creating Tables A basic create statement for a simple student table would look like the following. create table Student (SID varchar(10), FirstName varchar(30), LastName varchar(30), EmailAddress varchar(30));
More informationCh.5 Database Security. Ch.5 Database Security Review
User Authentication Access Control Database Security Ch.5 Database Security Hw_Ch3, due today Hw_Ch4, due on 2/23 Review Questions: 4.1, 4.3, 4.6, 4.10 Problems: 4.5, 4.7, 4.8 How about the pace of the
More informationOverview. Physical Database Design. Modern Database Management McFadden/Hoffer Chapter 7. Database Management Systems Ramakrishnan Chapter 16
HNC Computing - s HNC Computing - s Physical Overview Process What techniques are available for physical design? Physical Explain one physical design technique. Modern Management McFadden/Hoffer Chapter
More informationCS2Bh: Current Technologies. Introduction to XML and Relational Databases. Introduction to Databases. Why databases? Why not use XML?
CS2Bh: Current Technologies Introduction to XML and Relational Databases Spring 2005 Introduction to Databases CS2 Spring 2005 (LN5) 1 Why databases? Why not use XML? What is missing from XML: Consistency
More informationCHAPTER 22 Database Security Integration Using Role-Based Access Control
CHAPTER 22 Database Security Integration Using Role-Based Access Control Sylvia Osborn Department of Computer Science, The University of Western Ontario London, Ontario, Canada, N6A-5B7 svlvia@csd.uwo.ca
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 5 Database Security First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Database Security 1 Relational Databases constructed
More informationDatabase System Architecture & System Catalog Instructor: Mourad Benchikh Text Books: Elmasri & Navathe Chap. 17 Silberschatz & Korth Chap.
Database System Architecture & System Catalog Instructor: Mourad Benchikh Text Books: Elmasri & Navathe Chap. 17 Silberschatz & Korth Chap. 1 Oracle9i Documentation First-Semester 1427-1428 Definitions
More informationThe Relational Model. Why Study the Relational Model? Relational Database: Definitions
The Relational Model Database Management Systems, R. Ramakrishnan and J. Gehrke 1 Why Study the Relational Model? Most widely used model. Vendors: IBM, Microsoft, Oracle, Sybase, etc. Legacy systems in
More informationIntroduction to Computing. Lectured by: Dr. Pham Tran Vu t.v.pham@cse.hcmut.edu.vn
Introduction to Computing Lectured by: Dr. Pham Tran Vu t.v.pham@cse.hcmut.edu.vn Databases The Hierarchy of Data Keys and Attributes The Traditional Approach To Data Management Database A collection of
More informationDBMS Questions. 3.) For which two constraints are indexes created when the constraint is added?
DBMS Questions 1.) Which type of file is part of the Oracle database? A.) B.) C.) D.) Control file Password file Parameter files Archived log files 2.) Which statements are use to UNLOCK the user? A.)
More informationDAC vs. MAC. Most people familiar with discretionary access control (DAC)
DAC vs. MAC Most people familiar with discretionary access control (DAC) - Example: Unix user-group-other permission bits - Might set a fileprivate so only groupfriends can read it Discretionary means
More informationThe Structured Query Language. De facto standard used to interact with relational DB management systems Two major branches
CSI 2132 Tutorial 6 The Structured Query Language (SQL) The Structured Query Language De facto standard used to interact with relational DB management systems Two major branches DDL (Data Definition Language)
More informationAn Extended Role-based Access Control Model for. Enterprise Systems and Web Services
An Extended Role-based Access Control Model for Enterprise Systems and Web Services A thesis submitted for the degree of Master of Applied Science by Research (Computer Science) Wei Shi School of Computer
More informationDATABASDESIGN FÖR INGENJÖRER - 1DL124
1 DATABASDESIGN FÖR INGENJÖRER - 1DL124 Sommar 2005 En introduktionskurs i databassystem http://user.it.uu.se/~udbl/dbt-sommar05/ alt. http://www.it.uu.se/edu/course/homepage/dbdesign/st05/ Kjell Orsborn
More informationB.Sc (Computer Science) Database Management Systems UNIT-V
1 B.Sc (Computer Science) Database Management Systems UNIT-V Business Intelligence? Business intelligence is a term used to describe a comprehensive cohesive and integrated set of tools and process used
More informationElena Baralis, Silvia Chiusano Politecnico di Torino. Pag. 1. Active database systems. Triggers. Triggers. Active database systems.
Active database systems Database Management Systems Traditional DBMS operation is passive Queries and updates are explicitly requested by users The knowledge of processes operating on data is typically
More informationOracle Database Security. Nathan Aaron ICTN 4040 Spring 2006
Oracle Database Security Nathan Aaron ICTN 4040 Spring 2006 Introduction It is important to understand the concepts of a database before one can grasp database security. A generic database definition is
More informationCSC 443 Data Base Management Systems. Basic SQL
CSC 443 Data Base Management Systems Lecture 6 SQL As A Data Definition Language Basic SQL SQL language Considered one of the major reasons for the commercial success of relational databases SQL Structured
More informationChapter 6: Physical Database Design and Performance. Database Development Process. Physical Design Process. Physical Database Design
Chapter 6: Physical Database Design and Performance Modern Database Management 6 th Edition Jeffrey A. Hoffer, Mary B. Prescott, Fred R. McFadden Robert C. Nickerson ISYS 464 Spring 2003 Topic 23 Database
More informationSQL, PL/SQL FALL Semester 2013
SQL, PL/SQL FALL Semester 2013 Rana Umer Aziz MSc.IT (London, UK) Contact No. 0335-919 7775 enquire@oeconsultant.co.uk EDUCATION CONSULTANT Contact No. 0335-919 7775, 0321-515 3403 www.oeconsultant.co.uk
More informationChapter 2: Security in DB2
2. Security in DB2 2-1 DBA Certification Course (Summer 2008) Chapter 2: Security in DB2 Authentication DB2 Authorities Privileges Label-Based Access Control 2. Security in DB2 2-2 Objectives After completing
More informationAccess Control Fundamentals
C H A P T E R 2 Access Control Fundamentals An access enforcement mechanism authorizes requests (e.g., system calls) from multiple subjects (e.g., users, processes, etc.) to perform operations (e.g., read,,
More informationCourse: CSC 222 Database Design and Management I (3 credits Compulsory)
Course: CSC 222 Database Design and Management I (3 credits Compulsory) Course Duration: Three hours per week for 15weeks with practical class (45 hours) As taught in 2010/2011 session Lecturer: Oladele,
More informationZero Downtime Deployments with Database Migrations. Bob Feldbauer twitter: @bobfeldbauer email: bob.feldbauer@timgroup.com
Zero Downtime Deployments with Database Migrations Bob Feldbauer twitter: @bobfeldbauer email: bob.feldbauer@timgroup.com Deployments Two parts to deployment: Application code Database schema changes (migrations,
More informationThe process of database development. Logical model: relational DBMS. Relation
The process of database development Reality (Universe of Discourse) Relational Databases and SQL Basic Concepts The 3rd normal form Structured Query Language (SQL) Conceptual model (e.g. Entity-Relationship
More informationThe Relational Model. Why Study the Relational Model? Relational Database: Definitions. Chapter 3
The Relational Model Chapter 3 Database Management Systems 3ed, R. Ramakrishnan and J. Gehrke 1 Why Study the Relational Model? Most widely used model. Vendors: IBM, Informix, Microsoft, Oracle, Sybase,
More informationThe Relational Data Model and Relational Database Constraints
The Relational Data Model and Relational Database Constraints Chapter Outline Relational Model Concepts Relational Model Constraints and Relational Database Schemas Update Operations and Dealing with Constraint
More informationPhysical Database Design Process. Physical Database Design Process. Major Inputs to Physical Database. Components of Physical Database Design
Physical Database Design Process Physical Database Design Process The last stage of the database design process. A process of mapping the logical database structure developed in previous stages into internal
More informationChapter 9, More SQL: Assertions, Views, and Programming Techniques
Chapter 9, More SQL: Assertions, Views, and Programming Techniques 9.2 Embedded SQL SQL statements can be embedded in a general purpose programming language, such as C, C++, COBOL,... 9.2.1 Retrieving
More informationIntroduction to Database Systems
Introduction to Database Systems A database is a collection of related data. It is a collection of information that exists over a long period of time, often many years. The common use of the term database
More informationIdentity Management and Access Control
and Access Control Marek Rychly mrychly@strathmore.edu Strathmore University, @ilabafrica & Brno University of Technology, Faculty of Information Technology Enterprise Security 7 December 2015 Marek Rychly
More informationDB2 - DATABASE SECURITY
DB2 - DATABASE SECURITY http://www.tutorialspoint.com/db2/db2_database_security.htm Copyright tutorialspoint.com This chapter describes database security. Introduction DB2 database and functions can be
More informationT-SQL STANDARD ELEMENTS
T-SQL STANDARD ELEMENTS SLIDE Overview Types of commands and statement elements Basic SELECT statements Categories of T-SQL statements Data Manipulation Language (DML*) Statements for querying and modifying
More informationchapater 7 : Distributed Database Management Systems
chapater 7 : Distributed Database Management Systems Distributed Database Management System When an organization is geographically dispersed, it may choose to store its databases on a central database
More informationRole Based Access Control: Adoption and Implementation in the Developing World
Role Based Access Control: Adoption and Implementation in the Developing World By Loy A.K. Muhwezi Master s Thesis in Computer Science Thesis number: Supervised By Dr. Martijn Oostdijk Radboud University
More informationOracle Education @ USF
Oracle Education @ USF Oracle Education @ USF helps increase your employability and also trains and prepares you for the competitive job market at a much lower cost compared to Oracle University. Oracle
More informationwww.gr8ambitionz.com
Data Base Management Systems (DBMS) Study Material (Objective Type questions with Answers) Shared by Akhil Arora Powered by www. your A to Z competitive exam guide Database Objective type questions Q.1
More informationDatabase Management Systems. Chapter 1
Database Management Systems Chapter 1 Database Management Systems 3ed, R. Ramakrishnan and J. Gehrke 2 What Is a Database/DBMS? A very large, integrated collection of data. Models real-world scenarios
More informationAn Overview of Distributed Databases
International Journal of Information and Computation Technology. ISSN 0974-2239 Volume 4, Number 2 (2014), pp. 207-214 International Research Publications House http://www. irphouse.com /ijict.htm An Overview
More informationManaging rights in PostgreSQL
Table des matières Managing rights in PostgreSQL...3 1 The author...3 2 Introduction...4 3 Users, groups and roles...4 3.1 Users and groups...5 3.2 Modifying a role...5 4 Special roles and role attributes...5
More informationHow To Manage Data In A Database System
Database Systems Session 2 Main Theme Relational Data Model & Relational Database Constraints Dr. Jean-Claude Franchitti New York University Computer Science Department Courant Institute of Mathematical
More information1 File Processing Systems
COMP 378 Database Systems Notes for Chapter 1 of Database System Concepts Introduction A database management system (DBMS) is a collection of data and an integrated set of programs that access that data.
More informationDatabase Systems Introduction Dr P Sreenivasa Kumar
Database Systems Introduction Dr P Sreenivasa Kumar Professor CS&E Department I I T Madras 1 Introduction What is a Database? A collection of related pieces of data: Representing/capturing the information
More informationHow Can Data Sources Specify Their Security Needs to a Data Warehouse?
How Can Data Sources Specify Their Security Needs to a Data Warehouse? Arnon Rosenthal The MITRE Corporation arnie@mitre.org Edward Sciore Boston College (and MITRE) sciore@bc.edu Abstract In current warehouse
More informationDatabase Security. Principle of Least Privilege. DBMS Security. IT420: Database Management and Organization. Database Security.
Database Security Rights Enforced IT420: Database Management and Organization Database Security Textbook: Ch 9, pg 309-314 PHP and MySQL: Ch 9, pg 217-227 Database security - only authorized users can
More informationChapter 8. SQL-99: SchemaDefinition, Constraints, and Queries and Views
Chapter 8 SQL-99: SchemaDefinition, Constraints, and Queries and Views Data Definition, Constraints, and Schema Changes Used to CREATE, DROP, and ALTER the descriptions of the tables (relations) of a database
More informationIntroduction to IT Security
Marek Rychly mrychly@strathmore.edu Strathmore University, @ilabafrica & Brno University of Technology, Faculty of Information Technology Enterprise Security 30 November 2015 Marek Rychly ES, 30 November
More informationBridge from Entity Relationship modeling to creating SQL databases, tables, & relations
1 Topics for this week: 1. Good Design 2. Functional Dependencies 3. Normalization Readings for this week: 1. E&N, Ch. 10.1-10.6; 12.2 2. Quickstart, Ch. 3 3. Complete the tutorial at http://sqlcourse2.com/
More informationNew Security Options in DB2 for z/os Release 9 and 10
New Security Options in DB2 for z/os Release 9 and 10 IBM has added several security improvements for DB2 (IBM s mainframe strategic database software) in these releases. Both Data Security Officers and
More informationScheme G. Sample Test Paper-I
Scheme G Sample Test Paper-I Course Name : Computer Engineering Group Course Code : CO/CM/IF/CD/CW Marks : 25 Hours: 1 Hrs. Q.1 Attempt Any THREE. 09 Marks a) List any six applications of DBMS. b) Define
More information