Scribd
Upload
154 views

Chap-2-Database Security and Authorization

The document discusses database security and authorization. It defines database security as the tools, controls, and measures designed to establish and preserve database confidentiality, integrity, and availability. The main objectives of database security are secrecy, integrity, and availability. Access control mechanisms like discretionary access control and role-based access control restrict access to database objects. Privileges can be granted and revoked using GRANT and REVOKE commands to manage user authorization.

Uploaded by

teshu wodesa
Copyright
© © All Rights Reserved
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
154 views

Chap-2-Database Security and Authorization

The document discusses database security and authorization. It defines database security as the tools, controls, and measures designed to establish and preserve database confidentiality, integrity, and availability. The main objectives of database security are secrecy, integrity, and availability. Access control mechanisms like discretionary access control and role-based access control restrict access to database objects. Privileges can be granted and revoked using GRANT and REVOKE commands to manage user authorization.

Uploaded by

teshu wodesa
Copyright
© © All Rights Reserved
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 38

… Recap

•Query processing and optimization


• Procedures in query processing

•Translating SQL queries into relational algebra


• Why we translate SQL queries into RA expression?
CHAPTER TWO

DATABASE SECORITY AND AUTHORIZATION

2.1 Introduction to Database Security

by
Nibretu K
Session Plan
•Topic/Title: Database security and authorization
•Session objectives: At the end of this session, students will be
able to:
• Define database security and authorization
• Understand about access control mechanisms
• Discretionary Access Control
• Mandatory Access Control
• Role-Based Access Control
• Encryption/Decryption
• Identify issues related to database Security
•Teaching method: Gap Lecture, Question & answer, and
Brainstorming.
•Assessment method: Oral Question, class activity
Outline
•Database security and authorization
•Access control mechanisms
• Discretionary Access Control
• Mandatory Access Control
• Role-Based Access Control
• Encryption/Decryption
•Major issues related to database Security

What is database security?

 In today's society, some information is extremely


important as to have to be protected.

 For example:
 Disclosure or modification of military information
could cause danger to national security.

 A good database security management system has to


handle the possible database threats.

Definition:
 Database security refers to the range of tools, controls
mechanisms, and measures (policy) designed to establish
and preserve database confidentiality, integrity, and
availability.

 Security measures must be taken at several


levels.

 The collective measures used to protect and secure
our database and database systems against any
(intentional or accidental) threats.
 Threat  any intentional or accidental event that may
adversely affect the system.
 Example:
o Unauthorized copy of data,
o Program data alteration,
o Illegal entry by hackers,,,etc

Three main objectives
Secrecy (confidentiality)

Integrity

Availability

Secrecy
Information should not be disclosed to unauthorized
users.

For example, a student should not be allowed to


examine other students’ grades.

Integrity
Only authorized users should be allowed to modify
data.

For example, students may be allowed to see their


grades, yet not allowed to modify them.

Availability
Information/data (or DB) should be available for users who

have a legal right/privilege.

 Data/information should be available whenever needed.

 Authorized users should not be denied access.

For example, an instructor who wishes to change a grade

should be allowed to do so.


DB authentication & authorization
 Authentication is the process of checking whether the user is
the one with the privilege for the access level.

 Database users have different access levels and


permission for different data objects.
 So, the system will check whether the user with a
specific username and password is trying to use the
resource.

Who are you? Prove it?



Authorization/Privilege

The process that determines the mode in which a


particular (previously authenticated) client is allowed to
access a specific resource controlled by a server.

 What types of privileges / permissions are given for a user


to access objects / resources?
 What are you allowed to do?

 Any database access request will have the following three


major components.
 Requested Operation (Access privilege):
What kind of operation is requested by a specific query?
 Requested Object (resources or object ) :
On which resource or data of the database is the operation
sought to be applied?
 Requesting User (Subject):
Who is the user requesting the operation on the specified
object?

Forms of user authorization


 There are different forms of user authorization on the resource of
the database. These includes :
 Read authorization: the user with this privilege is allowed only
to read the content of the data object.
 Insert authorization: the user with this privilege is allowed only
to insert new records or items to the data object.

 Update authorization: users with this privilege are allowed to
modify content of attributes but are not authorized to delete the
records.
 Delete authorization: users with this privilege are only allowed
to delete a record and not anything else.

 Note: Different users, depending on the power of the user, can


have one or the combination of the above forms of authorization
on different data objects.
Database Security and the DBA

 The database administrator is the central authority for


managing a database system.
 The DBA’s responsibilities include:
 Account creation.
 Granting privileges to users who need to use the
system.
 Privilege revocation.
 Classifying users and data in accordance with the
policy of the organization.
2. Access Control
A security mechanism for restricting access to a

system’s objects or resources from unauthorized use.


A way to control the data that is addressable to a given

user.
Protects against a wide variety of threats.
Unauthorized access
Unapproved modification of data
Lack of data confidentiality

Basic elements of Access control
 Subject:
An entity capable of access resources.
It is often a software process.
Eg: owner, group, role,,etc
 Object:
Resources to which access is controlled.
Eg: files, records, blocks, programs,,,etc.
 Access right:
Describe ways in which a subject may access an object.
Eg: read, write, update, delete…etc

Two types of AC:
Discretionary AC
Mandatory AC
Discretionary Access Control
Based on the concept of privileges, and mechanisms for
giving users such privileges.

It can be ensured by using data control languages.


GRANT and REVOKE commands.

Recall
What are the three types of database languages?
Privilege
A permission given by a DBA.
It provides right to execute a particular types of SQL
statement.

It allows a user to access some data object in a certain


manner (e.g., to read or to modify).

SQL supports discretionary access control through


GRANT and REVOKE commands.

Grant : 
SQL Grant command is specifically used to provide
privileges (permissions, rights, access) to database objects
 for a user.

Syntax: 
GRANT privilege_name
ON object_name
TO {user_name | public | role_name}

Example 1:
Suppose that the DBA creates four accounts:A1, A2, A3,
A4 and wants only A1 to be able to create relations. Then
the DBA must issue the following GRANT command in
SQL.

GRANT CREATE TABLE


TO A1;

Example 2:
Suppose that A1 creates the two base relations
EMPLOYEE and DEPARTMENT.
 A1 is then owner of these two relations and hence A1
has all the relation privileges on each of them.
Suppose that A1 wants to grant A2 the privilege to insert
and delete rows in both of these relations, but A1 does not
want A2 to be able to propagate these privileges to
additional accounts:

GRANT INSERT, DELETE


ON EMPLOYEE, DEPARTMENT
TO A2;

Note: this command also allows users to grant
permissions to other users too, called grant propagation.
Example 3:
 Suppose that A1 wants to allow A3 to retrieve
information from either of the table (Department or
Employee) and also to be able to propagate the SELECT
privilege to other accounts.
 A1 can issue the command:

GRANT select
ON EMPLOYEE, DEPARTMENT
TO A3 with grant option;

 A3 can grant the SELECT privilege on the EMPLOYEE
relation to A4 by issuing:
GRANT SELECT
ON EMPLOYEE
TO A4;

 Note: A4 can’t propagate the SELECT privilege because


GRANT OPTION was not given to A4.

Example 4:
 Suppose that A1 decides to revoke the SELECT
privilege on the EMPLOYEE relation from A3; A1 can
issue:
REVOKE SELECT
ON EMPLOYEE
FROM A3;

 Note: The DBMS must now automatically revoke the


SELECT privilege on EMPLOYEE from A4, too,
because A3 granted that privilege to A4 and A3 does not
have the privilege any more.

Example 5:
Suppose that A1 wants to give back to A3 a limited
capability to SELECT from the EMPLOYEE relation
and wants to allow A3 to be able to propagate the
privilege.

The limitation is to retrieve only the E_NAME,


E_AGE, and E_ADDRESS attributes and only for the
tuples with E_DNO = 5.

A1 then create the view:


CREATE VIEW A3EMPLOYEE AS
SELECT E_NAME, E_AGE, E_ADDRESS
FROM EMPLOYEE
WHERE E_DNO = 5;

After the view is created, A1 can grant SELECT on the


view A3EMPLOYEE to A3 as follows:

GRANT SELECT
ON A3EMPLOYEE
TO A3 WITH GRANT OPTION;

Example 6:
Finally, suppose that A1 wants to allow A4 to update
only the E_SALARY attribute of EMPLOYEE;

A1 can issue:


GRANT UPDATE
ON EMPLOYEE (E_SALARY)
TO A4;

Revoke : 
Revoke user privileges on database objects if any
granted.

Is a complementary command to GRANT, that allows


the withdrawal of granted privileges.

When a privilege is revoked from a particular user U, then the


privileges granted to all other users by user U will be revoked. 

Syntax: 

REVOKE privilege_name
ON object_name
FROM {user_name | public | role_name}

 Example:
 REVOKE SELECT
 ON EMPLOYEE
 FROM A4

 Note: This revoke command will withdraw a SELECT


privilege which was Granted for user A4 on Employee
relation.
Mandatory Access Control

Applied based on security classes and clearance levels.


It is based on system wide policies that cannot be
changed by individual users.

All-or-Nothing method:
A user either has or does not have a certain
privilege.

It classifies data and users based on security classes.
Typical security classes are:
Top
secret (TS)
Secret (S)
Confidential (C) and
Unclassified (U)
Where TS is the highest level and U the lowest:
TS ≥ S ≥ C ≥ U.

Each database object is assigned a security class;
Each user is assigned clearance for a security class,
and rules are imposed on reading and writing of
database objects by users.

SQL does not include any support for mandatory


access control.

I Thank You !!!


&
Any Question
??

You might also like