Ch.5 Database Security. Ch.5 Database Security Review

Transcription

1 User Authentication Access Control Database Security Ch.5 Database Security Hw_Ch3, due today Hw_Ch4, due on 2/23 Review Questions: 4.1, 4.3, 4.6, 4.10 Problems: 4.5, 4.7, 4.8 How about the pace of the class? Please me any comments you have How many of you have taken a Database class? 1 Ch.5 Database Security Review Database is one of most popular applications What is exactly a database? Database Management Systems (DBMS) A structured collection of data stored for applications Database Definition Language (DDL) to define database logical structure and procedural properties Database Manipulation Language (DML) provide a set of tools for developers Query languages are declarative languages for end users» Select grade=a from Class2009 A student grade system 2 1

2 Database Overview 3 Relational Databases A table of data: rows + columns constructed from tables of data each column holds a particular type of data: id# each row contains a specific value these: s_record Primary key: at least one column where all values are unique, forming an identifier for that row Relational DBs use multiple tables linked by identifiers Create a flat table including everything is inefficient and inflexible Many blank fields; cannot add more columns Users access the DB via a relational query language Select items based on given criteria 4 2

3 Relational Database Example Deal with dynamics Add/delete services Access current bill 5 Relational Database Elements Basic building block: relation / table / file tuple / row / record attribute / column / field primary key uniquely identifies a row foreign key links one table to attributes in another view is a virtual table as the result of a query restricted access to a DB 6 3

4 Relational Database Elements All records in the employee table plus dept info Linked by Did 7 Structured Query Language (SQL) developed by IBM in the mid-1970s standardized language to define, manipulate, and query data in a relational database several similar versions of ANSI/ISO standard CREATE TABLE department ( Did INTEGER PRIMARY KEY, Dname CHAR (30), Dacctno CHAR (6) ) CREATE VIEW newtable (Dname, Ename, Eid, Ephone) AS SELECT D.Dname E.Ename, E.Eid, E.Ephone FROM Department D Employee E CREATE TABLE employee ( WHERE E.Did = D.Did Ename CHAR (30), Did INTEGER, SalaryCode INTEGER, Eid INTEGER PRIMARY KEY, Ephone CHAR (10), FOREIGN KEY (Did) REFERENCES department (Did) ) 8 4

5 Database Access Control DBMS provide access control for database assume have authenticated user DBMS provides specific access rights to portions of the database e.g. create, insert, delete, update, read, write to entire database, tables, selected rows or columns possibly dependent on contents of a table entry can support a range of policies: centralized administration: a small # of privileged users ownership-based administration: owner can grant/revoke access rights to a table decentralized administration: give authorization right to other users 9 SQL Access Controls two commands: GRANT { privileges role } [ON table] TO { user role PUBLIC } [IDENTIFIED BY password] [WITH GRANT OPTION]» e.g. GRANT SELECT ON ANY TABLE TO ricflair REVOKE { privileges role } [ON table] FROM { user role PUBLIC }» e.g. REVOKE SELECT ON ANY TABLE FROM ricflair typical access rights are: SELECT, INSERT, UPDATE, DELETE, REFERENCES 10 5

6 Cascading Authorizations What happens if Bob revokes David s right? David gives it Ellen at t=40 after getting it from Bob at t30 David gets it from Chris at t=50 after granting it to Ellen Revoking also cascading 11 Role-Based Access Control role-based access control work well for DBMS eases admin burden, improves security categories of database users: application owner: owns the database end user: operates on the database Administrator: manages the database DB RBAC must manage roles and their users cf. RBAC on Microsoft s SQL Server Fixed server roles: for all DB management Fixed database roles: for a single DB User-defined roles: access a portion of DB 12 6

7 Inference 13 Inference Example Same row order 14 7

8 Inference Countermeasures inference detection at database design alter database structure or access controls to prevent» E.g., split tables, fine grained control Need to find all possible inference attacks a priori inference detection at query time by monitoring and altering or rejecting queries Need to detect in real-time inference detection algorithms Analyzing the dependencies between attributes within/across a table Merging views with the same constraints E.g., the access to the previous two views at the same time is not authorized 15 Statistical Databases provides data of a statistical nature e.g. counts, averages two types: pure statistical database ordinary database with statistical access» some users have normal access, others statistical access control objective to allow statistical use without revealing individual entries One security problem is inference 16 8

9 Statistical Database Security use a characteristic formula C a logical formula over the values of attributes e.g. (Sex=Male) AND ((Major=CS) OR (Major=EE)) query set X(C) of characteristic formula C, is the set of records matching C a statistical query is a query that produces a value calculated over a query set 17 Abstract Model of Relational DB 18 9

10 C = a characteristic formula, consisting of a logical formula over the values of attributes. X(C) = query set of C, the set of records satisfying C. 19 Statistical Database Example Baker is the only female EE student Count(EE Female)=1 Sum(EE Female,GP)=