Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Week14 - Security

    Hochgeladen von

    Muhammad Asghar Khan
    52 Ansichten12 Seiten
    Database Security can be considered in the following situations: Theft and fraud loss of confidentiality (Secrecy) loss of integrity loss of availability Database Security (2 / 2) Threat Any situation or event, whether intentional or unintentional, that will adversely affect a system and consequently an organization. Computer based security controls can be: 1. 2. 3. 4. 5. 6. 7. Authorization Access controls Views Backup and recovery Integrity Encryption RAID technology.

    Originalbeschreibung:

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Verfügbare Formate

    PPT, PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    Database Security can be considered in the following situations: Theft and fraud loss of confidentiality (Secrecy) loss of integrity loss of availability Database Security (2 / 2) Threat Any situation or event, whether intentional or unintentional, that will adversely affect a system and consequently an organization. Computer based security controls can be: 1. 2. 3. 4. 5. 6. 7. Authorization Access controls Views Backup and recovery Integrity Encryption RAID technology.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Als PPT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    52 Ansichten12 Seiten

    Week14 - Security

    Hochgeladen von

    Muhammad Asghar Khan
    Database Security can be considered in the following situations: Theft and fraud loss of confidentiality (Secrecy) loss of integrity loss of availability Database Security (2 / 2) Threat Any situation or event, whether intentional or unintentional, that will adversely affect a system and consequently an organization. Computer based security controls can be: 1. 2. 3. 4. 5. 6. 7. Authorization Access controls Views Backup and recovery Integrity Encryption RAID technology.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Als PPT, PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 12

    Database II

    Database Security

    1
    Muhammad Asghar Khan
    Database Security (1/2)

     The protection of the database against threats using


    both technical and administrative controls

     Database security includes hardware, software, people


    and data

     A database security can be consider in the following


    situations:
    • Theft and fraud
    • Loss of confidentiality (Secrecy)
    • Loss of privacy
    Loss of integrity
    • Loss of availability
    2
    Database Security (2/2)

     Threat
    • Any situation or event, whether intentional or un-
    intentional, that will adversely affect a system and
    consequently an organization

    • Following are some of the examples of threats


    • Unauthorized amendment of data
    • Illegal entry by hacker
    • Data corruption due to power loss or usage
    • Introduction of viruses

    3
    Computer Based Controls (1/9)

     Computer based security controls can be:

    1. Authorization
    2. Access controls
    3. Views
    4. Backup and recovery
    5. Integrity
    6. Encryption
    7. RAID technology

    4
    Computer Based Controls (2/9)

    1. Authorization
    • Granting of right or privilege (license) which enables a
    user/program/object/code etc. to legitimately (legally) have
    accesses to a system

    • The process of authorization involves authentication

    • Authentication can be defined as a mechanism by which a


    user/program/object etc. is determined to be the genuine
    user/program/object etc. that they claim to be

    • Password mechanism is the most popular method for


    authentication

    5
    Computer Based Controls (3/9)

    • SQL standard supports DAC through the GRANT and


    REVOKE commands.

    • The GRANT command gives privileges to users, and the


    REVOKE command takes away privileges.

    • An additional approach is required called Mandatory


    Access Control (MAC).

    • The SQL standard does not include support for MAC

    6
    Computer Based Controls (4/9)

    2. Access control
    • Based on the granting and revoking of privileges.

    • A privilege allows a user to create or access (that is read,


    write, or modify) some database object (such as a relation,
    view, and index) or to run certain DBMS utilities.

    • Privileges are granted to users to accomplish the tasks


    required for their jobs.

    • Most DBMS provide an approach called Discretionary


    Access Control (DAC).

    7
    Computer Based Controls (5/9)

    3. Views
    • A view is a dynamic result of one or more relational
    operations operating on the base relations to produce another
    relation

    • A view is a virtual relation that doesn’t actually exists in the


    database, but produced at the time of request

    • View can be used to present only the data which is relevant to


    a user, and hiding other fields

    • A view can be defended over several tables with user being


    granted privilege to use it
    8
    Computer Based Controls (6/9)

    4. Backup
    • Process of periodically taking a copy of the database and
    log file (and possibly programs) to offline storage media.

     Journaling
    • Process of keeping and maintaining a log file (or journal)
    of all changes made to database to enable effective
    recovery in event of failure.

    9
    Computer Based Controls (7/9)

    5. Integrity
    • Prevents data from becoming invalid, and hence giving
    misleading or incorrect results.

    6. Encryption
    • The encoding of the data by a special algorithm that
    renders the data unreadable by any program without the
    decryption key.

    10
    Computer Based Controls (8/9)

    7. RAID (Redundant Array of Independent Disks) Technology


    • Hardware that the DBMS is running on must be fault-tolerant,
    meaning that the DBMS should continue to operate even if one of
    the hardware components fails.

    • Suggests having redundant components that can be seamlessly


    integrated into the working system whenever there is one or more
    component failures.

    • The main hardware components that should be fault-tolerant


    include disk drives, disk controllers, CPU, power supplies, and
    cooling fans.

    11
    Computer Based Controls (9/9)

    • Disk drives are the most vulnerable components with the


    shortest times between failure of any of the hardware
    components.

    • One solution is to provide a large disk array comprising an


    arrangement of several independent disks that are
    organized to improve reliability and at the same time
    increase performance

    12

    Das könnte Ihnen auch gefallen