
RDBMSPPT

This document discusses database security and access control. It notes that databases face threats like loss of integrity, availability, and confidentiality. To protect against these threats, access control, flow control, and encryption are needed. Access control regulates who can view or use computing resources by controlling communication and interaction. It gives organizations control over resource availability, integrity, and confidentiality. The document describes discretionary access control, which grants privileges to users, and mandatory access control, which enforces policies that cannot be changed by users. It provides examples of how access control manages data classification and user clearance. The Bell-Lapadula model is designed to protect classified information based on subjects, objects, security classes, and clearances.

Uploaded by

rava

PRESENTATION

ON
DATABASE SECURITY
CONTENTS
WHY WE NEED ACCESS CONTROL?

SOME OF THE THREATS TO A DATABASE:
• LOSS OF INTEGRITY
• LOSS OF AVAILABILITY
• LOSS OF CONFIDENTIALITY
TO PROTECT THE DATABASE FROM THESE TYPES OF THREATS WE NEED:
• ACCESS CONTROL
• FLOW CONTROL
• ENCRYPTION
WHAT IS ACCESS CONTROL
• ACCESS CONTROL IS A SECURITY TECHNIQUE THAT CAN BE USED TO REGULATE WHO OR WHAT CAN VIEW OR USE RESOURCES IN A COMPUTING ENVIRONMENT.
• ACCESS CONTROLS ARE SECURITY FEATURES THAT CONTROL HOW USERS AND SYSTEMS CAN COMMUNICATE AND INTERACT WITH OTHER SYSTEMS AND RESOURCES.
• ACCESS CONTROL GIVES AN ORGANIZATION THE ABILITY TO CONTROL, RESTRICT, MONITOR AND PROTECT RESOURCE AVAILABILITY, INTEGRITY AND CONFIDENTIALITY.
DISCRETIONARY ACCESS CONTROL
• Discretionary access control is based on the concept of access rights (privileges) and a mechanism for giving users such privileges.
• It grants privileges to users on different objects, including the capability to access specific data files, records or fields in a specified mode, such as read, insert, delete or update, or a combination of these.
EXAMPLE:-
MANDATORY ACCESS CONTROL
• Mandatory access control is also called a security scheme.
• It is based on system-wide policies that cannot be changed by individual users.
• It is used to enforce multi-level security by classifying the data and users into various security levels.
• In this scheme each data object is labeled with a certain classification level.
CONT…
• A given data object can then be accessed only by users with the appropriate security clearance for a particular classification level.
• Thus, a mandatory access control technique classifies data and users based on security classes such as top secret (TS), secret (S), confidential (C) and unclassified (U).
• The DBMS determines whether a given user can read or write a given object based on certain rules that involve the security level of the object and the clearance of the user.
• The commonly used mandatory access control technique for multi-level security is known as the Bell-LaPadula model.
EXAMPLE

[Figure: diagram with LEVEL 1, LEVEL 2 and LEVEL 3]

• USERS WORK IN A COMPANY, AND THE COMPANY DECIDES HOW DATA SHOULD BE SHARED FROM THE USER.
GRANT AND REVOKE
Granting and revoking privileges (access rights) to the users is the responsibility of the database administrator (DBA) of the DBMS.

• PRIVILEGES GRANTING: The privilege granting action permits the DBA to grant certain privileges (access rights) to a certain user.
• PRIVILEGES REVOKING: The privilege revoking action permits the DBA to revoke (cancel) certain privileges (access rights) that were previously given to a certain user.
SYNTAX AND EXAMPLES OF GRANT
PRIVILEGES
• In SQL, granting of privileges is accomplished using the GRANT command.
SYNTAX:-
GRANT {ALL | privilege-list}
ON {table-name [(column-comma-list)] | view-name
[(column-comma-list)]}
TO {PUBLIC | user-list}
[WITH GRANT OPTION]
CONT….
EG1:-
GRANT SELECT, UPDATE
ON EMPLOYEE
TO ABHISHEK, MATHEW
WITH GRANT OPTION

EG2:-
GRANT SELECT
ON EMPLOYEE
TO PUBLIC
SYNTAX AND EXAMPLES OF REVOKE
PRIVILEGES
• In SQL, revoking of privileges is accomplished using the REVOKE command.
SYNTAX:-
REVOKE {ALL | privilege-list}
ON {table-name [(column-comma-list)] | view-name
[(column-comma-list)]}
FROM {PUBLIC | user-list}
CONT….
EG1:-
REVOKE SELECT
ON EMPLOYEE
FROM MATHEW

EG2:-
REVOKE ALL
ON EMPLOYEE
FROM MATHEW
BELL LAPADULA MODEL
• DESIGNED TO PROTECT CLASSIFIED INFORMATION
• ADDRESSES DATA CONFIDENTIALITY
• BUILT ON STATE MACHINE CONCEPT

[Figure label: COMMUNICATION LINK]
CONT….
• It is described in terms of subjects (for example, users, accounts, programs), objects (for example, relations or tables, tuples, columns, views, operations), security classes (for example, TS, S, C or U) and clearances.
• The Bell-LaPadula model classifies each subject and object into one of the security classifications TS, S, C or U.
• The security classes in a system are organized according to a particular order, with a most secure class and a least secure class.
CONT….
PROPERTIES OF BELL-LAPADULA MODEL:
• Simple security property: A subject S is not allowed read access to an object O unless the classification of subject S is greater than or equal to the classification of object O. In other words:

class (S) ≥ class (O)

• Star security property: A subject S is not allowed to write an object O unless the classification of subject S is less than or equal to the classification of object O. In other words:

class (S) ≤ class (O)
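
The two properties above as a small reference monitor over labeled rows, added here as an example and not part of the original slides. The `LabeledStore` class, the user names and the row texts are constructed for illustration; the TS > S > C > U ordering is the one the slides give.

```python
from enum import IntEnum

class Level(IntEnum):
    """Security classes from the slides, least to most secure."""
    U = 0   # unclassified
    C = 1   # confidential
    S = 2   # secret
    TS = 3  # top secret

def can_read(subject: Level, obj: Level) -> bool:
    """Simple security property: class(S) >= class(O)."""
    return subject >= obj

def can_write(subject: Level, obj: Level) -> bool:
    """Star security property: class(S) <= class(O)."""
    return subject <= obj

class LabeledStore:
    """Hypothetical table in which every row carries a classification label."""
    def __init__(self):
        self.rows = []    # (label, text) pairs
        self.denied = []  # audit trail of refused writes

    def insert(self, user: str, clearance: Level, label: Level, text: str) -> bool:
        if not can_write(clearance, label):
            self.denied.append((user, "write", label.name))
            return False
        self.rows.append((label, text))
        return True

    def select(self, clearance: Level) -> list:
        # Rows above the reader's clearance are filtered out.
        return [text for label, text in self.rows if can_read(clearance, label)]

def demo():
    """Constructed scenario: an S-cleared analyst and a U-cleared clerk."""
    db = LabeledStore()
    db.insert("analyst", Level.S, Level.S, "audit findings")
    db.insert("clerk", Level.U, Level.U, "cafeteria menu")
    db.insert("clerk", Level.U, Level.TS, "incident report")  # writing up is allowed
    # The analyst can read the S row, but copying it into a U row is refused,
    # so the clerk never sees it: this is the flow the star property blocks.
    leaked = db.insert("analyst", Level.S, Level.U, "audit findings")
    return db, leaked

if __name__ == "__main__":
    db, leaked = demo()
    print(leaked, db.select(Level.U), db.select(Level.S), db.denied)
```

The clerk can write the TS row but cannot read it back, which is the expected consequence of applying both properties together.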


THANK
YOU
