SECURITY CHAPTER 24 (6/E) CHAPTER 23 (5/E)



Similar documents
Chapter 23. Database Security. Security Issues. Database Security

COSC344 Database Theory and Applications. Lecture 23 Security and Auditing. COSC344 Lecture 23 1

ITM661 Database Systems. Database Security and Administration

BM482E Introduction to Computer Security

Database Security and Authorization

Chapter 23. Database Security. Security Issues. Database Security

Database Security. Sarajane Marques Peres, Ph.D. University of São Paulo

Database Security. Database Security Requirements

Course mechanics. CS 458 / 658 Computer Security and Privacy. Course website. Additional communication

INFO/CS 330: Applied Database Systems

Database Security. Chapter 21

Introduction to IT Security

Database and Data Mining Security

Security and Authorization. Introduction to DB Security. Access Controls. Chapter 21

Identity Management and Access Control

Chapter 24. Database Security. Copyright 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley

CS377: Database Systems Data Security and Privacy. Li Xiong Department of Mathematics and Computer Science Emory University

CS 458 / 658 Computer Security and Privacy. Course mechanics. Course website. Module 1 Introduction to Computer Security and Privacy.

Chapter 8 A secure virtual web database environment

Computer Security: Principles and Practice

ISSECO Syllabus Public Version v1.0

1. Computer Security: An Introduction. Definitions Security threats and analysis Types of security controls Security services

Database Security. Soon M. Chung Department of Computer Science and Engineering Wright State University

Welcome to Information Systems Security (503009)

Database security. André Zúquete Security 1. Advantages of using databases. Shared access Many users use one common, centralized data set

ISP12 Information Security Policy Account Management

Access Control Intro, DAC and MAC. System Security

DAC vs. MAC. Most people familiar with discretionary access control (DAC)

Access Control. Dr George Danezis

CSE331: Introduction to Networks and Security. Lecture 1 Fall 2006

Best Practices, Procedures and Methods for Access Control Management. Michael Haythorn

Overview of Information Security. Murat Kantarcioglu

How-To Guide: Cyber Security. Content Provided by

Database Security. The Need for Database Security

Unit 3 Cyber security

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

Access Control Models Part I. Murat Kantarcioglu UT Dallas

Information Security Information & Network Security Lecture 2

4. Identify the security measures provided by Microsoft Office Access. 5. Identify the methods for securing a DBMS on the Web.

A Review Report on Security Threats on Database

Ch.5 Database Security. Ch.5 Database Security Review

ICTN Enterprise Database Security Issues and Solutions

In This Lecture. Security and Integrity. Database Security. DBMS Security Support. Privileges in SQL. Permissions and Privilege.

IT360: Applied Database Systems. Database Security. Kroenke: Ch 9, pg PHP and MySQL: Ch 9, pg

CSC 443 Data Base Management Systems. Basic SQL

Part III. Access Control Fundamentals

SECURITY MODELS FOR OBJECT-ORIENTED DATA BASES

DISCRETIONARY ACCESS CONTROL. Tran Thi Que Nguyet Faculty of Computer Science & Engineering HCMC University of Technology ttqnguyet@cse.hcmut.edu.

Database Security Guideline. Version 2.0 February 1, 2009 Database Security Consortium Security Guideline WG

Comprehensive Approach to Database Security

Data Security Incident Response Plan. [Insert Organization Name]

DATABASE SECURITY, INTEGRITY AND RECOVERY

Database Security. Principle of Least Privilege. DBMS Security. IT420: Database Management and Organization. Database Security.

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

<Insert Picture Here> How to protect sensitive data, challenges & risks

5.5. Penetration Tests. Report of the Auditor General of the Ville de Montréal to the City Council and to the Urban Agglomeration Council

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

CIS 551 / TCOM 401 Computer and Network Security. Spring 2007 Lecture 6

Database security issues PETRA BILIĆ ALEXANDER SPARBER

NSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs

Role Based Access Control: Adoption and Implementation in the Developing World

ADO and SQL Server Security

Computer security Lecture 3. Access control

ISACA PROFESSIONAL RESOURCES

Computer Security (EDA263 / DIT 641)

Through the Security Looking Glass. Presented by Steve Meek, CISSP

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

Security Goals Services

A Database Security Management White Paper: Securing the Information Business Relies On. November 2004

Securing Data in Oracle Database 12c

Relational Schema. CS 4700/6700 A Sample of Small Database Design Using Microsoft Access

HIPAA Security. 2 Security Standards: Administrative Safeguards. Security Topics

Defense In-Depth to Achieve Unbreakable Database Security

CSCI 454/554 Computer and Network Security. Instructor: Dr. Kun Sun

Chapter 9, More SQL: Assertions, Views, and Programming Techniques

HIPAA: MANAGING ACCESS TO SYSTEMS STORING ephi WITH SECRET SERVER

Lab Assignment Creating a Relational Database Schema from ER Diagram, Populating the Database and Querying over the database with SQL

CSN38:Tracking Privileged User Access within an ArcSight Logger and SIEM Environment Philip Lieberman, President and CEO

MySQL Security: Best Practices

12 FAM 650 ACQUISITION SECURITY REQUIREMENTS FOR OPERATING SYSTEMS AND SUBSYSTEM COMPONENTS

Database Application Security Models and Policies

Course: Information Security Management in e-governance. Day 1. Session 5: Securing Data and Operating systems

Passing PCI Compliance How to Address the Application Security Mandates

DATABASE SECURITY MECHANISMS AND IMPLEMENTATIONS

Office of Inspector General

Chapter 7. Information security services to be provided by a database server. in a virtual web database environment

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

EC-Council CAST CENTER FOR ADVANCED SECURITY TRAINING. CAST 619 Advanced SQLi Attacks and Countermeasures. Make The Difference CAST.

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 7 Access Control Fundamentals

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

Data Processing Agreement for Oracle Cloud Services

Department of Computer & Information Sciences. INFO-450: Information Systems Security Syllabus

HIPAA Compliance with LT Auditor+

Trusted RUBIX TM. Version 6. Multilevel Security in Trusted RUBIX White Paper. Revision 2 RELATIONAL DATABASE MANAGEMENT SYSTEM TEL

Notes on Network Security - Introduction

Third Party Security Requirements Policy

Database Security Encryption

The Need for Real-Time Database Monitoring, Auditing and Intrusion Prevention

Securing sensitive data at Rest ProtectFile, ProtectDb and ProtectV. Nadav Elkabets Presale Consultant

REDCap General Security Overview

Transcription:

SECURITY CHAPTER 24 (6/E) CHAPTER 23 (5/E)

2 LECTURE OUTLINE Threats and countermeasures Access control mechanisms SQL s grant and revoke Role of views

3 THREATS What are the threats? Loss of integrity E.g. Student changing grades for a class they re taking Loss of confidentiality Learning something from the database you shouldn t know Loss of availability Denial of service Causing DB to be unavailable to authorized programs / people Who's trying to mess with us? Outsiders Amateurs, Script kiddies, Crackers Corporate competitors Organized crime Government cyberwarriors" Terrorists / activists Insiders Disgruntled, bribed, or naïve employees Accidental mis-use

4 HOW SECURE SHOULD WE MAKE DB? Principle of Easiest Penetration A system is only as strong as its weakest link" Perpetrator will attack most vulnerable part(s) of the system To build secure systems, need to think like an attacker! How would you get private information from the Canada Revenue Agency database? Chapters? Facebook? UW? Principle of Adequate Protection Security is economics" Don't spend $100,000 to protect a system if maximum loss is only $1000 in damage. Don't spend only $100 to protect a system if maximum loss is $100,000 in damage.

5 DEFENSES AGAINST SECURITY BREACH (Compare to securing your bicycle) Prevent it Stop the attack for happening Deter it Make the attack harder or more expensive Deflect it Make yourself less attractive to attacker Detect it Notice that attack is occurring (or has occurred) Recover from it Mitigate the effects of the attack

6 ASPECTS OF DB SECURITY Legal and ethical compliance / Business rules Requirements to maintain accurate information Requirements to disclose information to appropriate people Requirements to not disclose information to inappropriate people Where will security be enforced? by the physical environment? by locked doors? by armed guards? by the hardware? by the software? by the OS? by the DBMS? by applications programs? DBMS includes security subsystem Levels of security Access / no access Partial access Limited authorizations Authorizations based on user role, time of day, location, etc. Emergency access

7 COUNTERMEASURES Access control Limiting access to the database (or parts of the database) Requires authentication (e.g., through login and password) Usually includes auditing Inference control Preventing deductions about database content Access to summary data without ability to determine individuals data Flow control Keeping information from being transferred illegitimately Control over covert channels Encryption Making information unintelligible unless authorized Making changes traceable to source Requires security keys and key maintenance

8 AUDIT TRAIL Record all operations on DB Which user, which operation, which data Could be integrated with transaction log Include reads as well as writes Audit the log if suspicions arise Review accesses and updates during time period Test for irregular behaviour Examples: Identify who last changed record Identify authorized, but unethical reading of confidential data e.g., Britney Spears medical record

10 ACCESS CONTROL MECHANISMS Discretionary access control (DAC) Granting specific user access to specific piece of data in specific way E.g., let John Smith insert employees into Employee table Mandatory access control (MAC) User s security clearance must match data s security class Bell-LaPadula Model No read-up (to protect data) e.g., must have sufficiently high clearance to read top secret data No write-down (for flow control) e.g., person with high clearance cannot update unclassified object Role based access control (RBAC) Users assigned roles Roles entitled to specific permissions on specific data E.g., emergency physician can update any patient record

11 GRANT AND REVOKE DAC support in SQL If A1 wants to allow A4 to update only the salary attribute of Employee, A1 can issue GRANT UPDATE ON Employee (salary) TO A4; or GRANT UPDATE ON Employee (salary) TO A4 WITH GRANT OPTION; Similarly to undo an earlier grant, A1 can issue REVOKE SELECT ON Employee FROM A3; A3 can no longer read Employee unless also granted by other user Revocation also propagates to other users granted privilege by A3

12 GRANULARITY OF PRIVILEGES Object Table (or view) vs. column SELECT, INSERT, DELETE, and ALTER are not column specific UPDATE and REFERENCES privileges can specify columns SQL does not support tuple-specific privileges System Create, alter, drop tables, views, etc. Creator of object gets all (object) permissions on that object

13 DAC MODEL: ACCESS CONTROL MATRIX Rows represent subjects (users, accounts, programs) Columns represent objects (relations, records, columns, views, operations). M(i,j) represents privileges that subject i holds on object j. Include who granted the privilege (to support revocation) E.g., privileges {select, insert, delete, update, }, bold grant option Employee Department Dept_locations Project Works_on Dependent Ashley sidu (sys) sidu (sys) sidu (sys) sidu (sys) sidu (sys) Bobbie s (Ashley) s (Ashley) s (Ashley, Eddie) idu (Ashley) Charlie s (Ashley) s (Ashley) s (Ashley) Dana s (Ashley, Charlie) Eddie s (Ashley) siu (Ashley) siu (Ashley) sidu (sys) siu (Bobbie) Lee s (Eddie, Charlie) s (Dana)

15 VIEWS FOR SECURITY View selects some rows and columns from one or more tables. Other data values are inaccessible through view. E.g., CREATE VIEW SalesStaff AS ( SELECT Fname, Lname, Address FROM Employee WHERE Dno IN (SELECT Dnumber FROM Department WHERE Dname = 'sales') AND salary < 50000); Grant privileges on view without granting privileges on base tables. GRANT SELECT ON SalesStaff TO Smith; Can only access data in view Similar for insert, delete, update Other base data is protected

16 DATA INFERENCE Derivation of sensitive data from (supposedly) non-sensitive data Direct attack Attacker issues query that directly yields sensitive data Might obfuscate query to fool DBMS SELECT AVG(salary) FROM staff WHERE lastname = 'Adams' OR (sex!= 'M' AND sex!= 'F') Solution: k-anonymity Every statistical answer must depend on at least k records Indirect attack Infer sensitive data from statistical results Judicial use of several k-anonymous queries SELECT SUM(salary) SELECT SUM(salary) WHERE lastname!= 'Adams'

17 LECTURE SUMMARY Overview of database security Threats and countermeasures Discretionary Access Control SQL s grant and revoke Security through views k-anonymity

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information