Scribd Logo
Hochladen

Willkommen bei Scribd!

  • 04-1-Introduction Database Security

    Hochgeladen von

    Amirali Hossiny
    11 Ansichten14 Seiten

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    11 Ansichten14 Seiten

    04-1-Introduction Database Security

    Hochgeladen von

    Amirali Hossiny

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 14

    ISLAMIC REPUBLIC OF AFGHANISTAN

    MINISTRY OF HIGHER EDUCATION


    GHALIB UNIVERSITY
    COMPUTER SCEINE FACULTY
    Distributed Database(Semester 5)

    (Database Security)

    Lecturer: Hamed Amir y

    6/21/2020 DISTRIBUTED DATABASE LECTURE 02 SPRING 2020 1


    Table of content
    What is database security?
    Reasons of security
    Threats
    Types of security
    External security
    Internal security

    6/21/2020 DISTRIBUTED DATABASE LECTURE 02 SPRING 2020 2


    What is Database Security?
    Protecting the database from unauthorized access, modification & destruction is called database security.
    OR
    The mechanisms that protect the database against intentional or accidentals threat is called database
    security.
    A database contain the most crucial data, in case of loss of security the data could proved to be disastrous.

    6/21/2020 DISTRIBUTED DATABASE LECTURE 04 & 05 SUMMER 2019 3


    Reasons of security
    Database security is concerned to avoiding the following situations.
    Theft and fraud
    Loss of confidentiality (secrecy)
    Loss of privacy
    Loss of Integrity
    Loss Availability

    6/21/2020 DISTRIBUTED DATABASE LECTURE 04 & 05 SUMMER 2019 4


    Cont.…
    Theft and fraud:
    Theft & fraud do not necessarily alter data. Theft & fraud effect not only the database but also the entire
    organization.
    Loss of confidentiality:
    In this situation the confidential data of an organization lost. From lost we do not mean unavailability.
    But means that the data become no more confidential to the organization.

    6/21/2020 DISTRIBUTED DATABASE LECTURE 04 & 05 SUMMER 2019 5


    Cont.…
    Loss of Privacy:
    Privacy refers to the need to protect data about individual. In case of loss of privacy, the data become
    available to every one.
    Loss of Integrity:
    Integrity means keep the database in its correct form. But incase of loss of security, the database become
    no more integrated.
    Loss of Availability: it means that the data or the system or both not be accessed.

    6/21/2020 DISTRIBUTED DATABASE LECTURE 04 & 05 SUMMER 2019 6


    Threats
    Threats represent any intentional or accidental event which can violate the security of database.
    Potential threats to a computer system may be from the following resources.
    Hardware
    Communication Network
    DBMS and Application S/W

    6/21/2020 DISTRIBUTED DATABASE LECTURE 04 & 05 SUMMER 2019 7


    Cont.…
    Database
    Database Administrator
    Programmers
    End Users
    Hardware: due to the H/W of the System the threats to a system are.
    Fire, Flood, bombs
    Data corruption due to power loss.
    Physical damage to equipment's.

    6/21/2020 DISTRIBUTED DATABASE LECTURE 04 & 05 SUMMER 2019 8


    Cont.…
    Communication N/W: Communication N/W threats may be.
    ◦ Wire-Tapping
    ◦ Breaking or disconnection of cables.
    ◦ Un wanted program (Virus).
    DBMS and Application S/W: The threats from DBMS and application S/W
    ◦ Theft of program
    ◦ Failure of security mechanisms
    ◦ Program alteration

    6/21/2020 DISTRIBUTED DATABASE LECTURE 04 & 05 SUMMER 2019 9


    Cont.…
    Database: from database side threads are
    ◦ Unauthorized copying of data.
    ◦ Theft of data
    Database Administrator: some time the database administrator design inadequate security policies.
    Programmer: Some time programmers may also provide some threats to the database . These threat may
    be,
    ◦ creating trap doors,
    ◦ Creating S/W that is insecure,
    ◦ Inadequate staff training,
    ◦ Inadequate security.

    6/21/2020 DISTRIBUTED DATABASE LECTURE 04 & 05 SUMMER 2019 10


    Types of security
    There are two types of Database Security.

    External security

    Internal security

    6/21/2020 DISTRIBUTED DATABASE LECTURE 04 & 05 SUMMER 2019 11


    EXTERAL SECURITY
    From external security we means the physical protection of the computer system.
    External Security is possible though
    Authorized person should have a unique uniform.
    IDs should be checked properly of the users.
    Computer lab should be locked properly.
    The authorized person should not be allowed to take any explosive or liquid things near the computer.

    6/21/2020 DISTRIBUTED DATABASE LECTURE 04 & 05 SUMMER 2019 12


    Internal security
    This means protecting the information from unauthorized access , modification and destruction.
    Internal security is possible though the following mechanism.
    Views
    Authorization
    Encryption
    Backup & Recovery
    Integrity
    RAID Technology
    Biometric Device.

    6/21/2020 DISTRIBUTED DATABASE LECTURE 04 & 05 SUMMER 2019 13


    Any Question??
    Please write your questions and suggestions on the group!

    6/21/2020 DISTRIBUTED DATABASE LECTURE 02 SPRING 2020 14

    Das könnte Ihnen auch gefallen