B.H.GARDI COLLEGE OF ENGINEERING & TECHNOLOGY (MCA Dept.)
Database Security Database Management System - 2
Introduction :-
Because of the importance of an organization's data and information, database security
is an important issue in database management.
The data stored in a DBMS is vital to the organization and is considered a corporate
asset.
Thus the database represents an essential resource of an organization, which should
be properly secured.
Because of the use of distributed databases with client/server architecture, the
database environment becomes more complex.
Managing database security has become more difficult and time consuming.
Therefore, it is important for the DBA to develop overall policies, procedures and
appropriate controls to protect the database.
Goal of Database Security :-
The goal of security is the protection of data against threats such as accidental or
intentional loss.
These threats create problems for database integrity.
A threat may be defined as any situation or event, whether intentional or accidental,
that may affect the system and consequently the organization.
A threat may be caused by a situation or event involving a person, action or
circumstance that is likely to harm an organization.
The harm may be tangible, such as loss of hardware, software or data, or it
may be intangible, such as loss of credibility or client confidence in the organization.
Database security involves allowing or disallowing users from performing actions on
the database, thus protecting the database from misuse.
The DBA is responsible for the overall security of the database system. Therefore the DBA of an
organization must identify the most serious threats and enforce security by taking
appropriate control actions to minimize these threats.
Any individual user or user group needing to access the database system applies to
the DBA for a user account.
The DBA then creates an account number and password for the user to access the
database, based on the policy of the organization.
The user afterwards logs in to the DBMS using the given account number and
password whenever database access is needed.
The DBMS checks the validity of the user’s given account number and
password. The valid user is then permitted to use the DBMS and access the
database.
Prepared By :- Ajay A. Ardeshana Mobile :- 9558820298
Email :- ajay.24021985@gmail.com
The DBMS maintains these two fields, user account and password, in encrypted
tables.
Threats to Database Security :-
Threats to database security may be direct, for example, browsing, changing or
stealing of data by an unauthorized user.
To ensure a secure database, all parts of the system must be secure, including the
database, the hardware, the operating system, networks, users and even the
building that houses the computer system.
Some of the threats that must be addressed in a database security plan are as
follows :
Loss of availability
Loss of data integrity
Loss of confidentiality or secrecy
Loss of privacy
Theft and fraud
Accidental losses
Loss of Availability means that the data or the system or both cannot be accessed by
the users. This situation can arise due to the crash of hardware, networks or
applications. The loss of availability can cause serious operational difficulties and
affect the financial performance of an organization.
Loss of Data Integrity causes invalid or corrupted data, which may seriously affect
the operation of an organization. Unless data integrity is restored through established
backup and recovery procedures, an organization may suffer serious losses or make
incorrect and expensive decisions based on the wrong or invalid data.
Loss of Confidentiality refers to loss of protecting or maintaining secrecy over
critical data of the organization, which may have strategic value to the organization.
Loss of confidentiality may lead to loss of competitiveness.
Loss of Privacy refers to loss of protection of data about individuals. Loss of privacy
could lead to blackmail, bribery (corruption), public embarrassment, stealing of
user passwords or action being taken against the organization.
Theft and Fraud affect not only the database environment but also the entire
organization. Since this situation is related to the involvement of people, attention
should be given to reducing the opportunity for these activities to occur. For
example, physical security can be controlled so that unauthorized persons are not able to
gain access to the computer room. Another example of a security procedure could be
the establishment of a firewall to protect from unauthorized access.
Accidental Losses could be unintentional threats arising from human error, software
and hardware.
Authorization and authentication :-
Authorization :-
Authorization is the process of granting rights or privileges to a user to have
limited access to a system or objects of the system.
It is an administrative policy of the organization, expressed as a set of rules that can be
used to determine which user has what type of access to which portion of the database.
Authentication :-
Authentication is a mechanism that determines whether a user is who he or she
claims to be. In other words, authentication checks whether a user operating
upon the database is allowed to do so or not. It verifies the identity of the user.
The simplest form of authentication consists of a secret password which
must be presented when a connection to the database is opened.
Authorization and Authentication controls can be built into the software. Authorization
rules are incorporated in DBMSs that restrict access to data and also restrict the
actions that people may take when they access data.
For example, a user using a particular password may be authorized to read any
record from the database but cannot necessarily modify any of those records.
For this reason authentication controls are sometimes referred to as access controls.
The following two types of access control techniques are used in database security
systems:
Discretionary access control.
Mandatory access control.
1. Discretionary Access Control (DAC):-
DAC is based on the concept of privileges and a mechanism for giving such privileges
to users.
It grants privileges to users on different objects, including the capability to access
specific data files, records or fields in a specified mode, such as read, insert, delete,
update or a combination of these.
A user who creates a database object such as a table or view automatically gets all
applicable privileges on that object.
The DBMS keeps track of how these privileges are granted to other users, and it is
very flexible.
Granting / Revoking Privileges :-
Audit Trail :-
Granting / Revoking Privileges :-
Granting and revoking privileges to the users is the responsibility of the database
administrator of the DBMS.
The DBA classifies users and data in accordance with the policy of the organization.
DBA privileged commands include commands for granting and revoking privileges to
individual accounts, users or user groups.
The DBA performs the following types of actions :-
a. Account Creation: - This action creates a new account and password for a
user or a group of users to enable them to access a database.
b. Privilege Granting: - This action permits the DBA to grant certain privileges to
certain accounts.
c. Privilege Revoking: - This action permits the DBA to revoke certain privileges that
were previously given to certain accounts.
d. Security Level Assignment: - This action consists of assigning user accounts
to the appropriate security classification level.
The account level privilege assignment :-
CREATE SCHEMA Privileges    To create schemas.
CREATE TABLE Privileges     To create tables.
CREATE VIEW Privileges      To create views.
ALTER Privileges            To apply schema changes such as adding or removing attributes.
DROP Privileges             To delete relations or views.
MODIFY Privileges           To INSERT, UPDATE or DELETE tuples.
SELECT Privileges           To retrieve information from the database using a SELECT query.
Examples of GRANT Privileges :-
Syntax :-
GRANT {ALL | privilege list}
ON {table-name [column list] | view-name [column list]}
TO {PUBLIC | user list}
[WITH GRANT OPTION]
or
GRANT {ALL | privilege list [column list]}
ON {table name | view name}
TO {PUBLIC | user list}
[WITH GRANT OPTION]
ALL                  All the privileges for the object will be granted.
Privilege List       Only the listed privileges are granted.
ON                   It specifies the object on which the privileges are granted. It can be a table or view.
Column List          Privileges are restricted to the specified column. If this is not specified the grant is given for all the tables.
TO                   It is used to identify the users to whom the privileges are granted.
PUBLIC               Privileges are granted to all known users of the system who have a valid User ID and Password.
User List            Privileges are granted to the specific users only.
WITH GRANT OPTION    It means that the recipients have the authority to grant the privileges that were granted to them to another user.
Examples of REVOKE Privileges :-
Syntax :-
REVOKE {ALL | privilege list}
ON {table-name [column list] | view-name [column list]}
FROM {PUBLIC | user list}
or
REVOKE {ALL | privilege list [column list]}
ON {table name | view name}
FROM {PUBLIC | user list}
Audit Trail :-
An Audit Trail is a special file or database in which the system automatically keeps
track of all operations performed by users on the regular data.
It is a log of all changes to the database along with information such as which user
performed the changes and when the changes were performed.
In some systems the Audit Trail is physically integrated with the transaction log; in others
the Audit Trail and transaction log might be distinct.
The Audit Trail provides security to the database. For example, if the balance of
a bank account is found to be incorrect, the bank may wish to track all the updates
performed on the account to find the incorrect updates, as well as the person who
carried out the updates.
A typical Audit Trail entry might contain the following information :-
o Request (Source Text)
o Terminal from which the operation was invoked.
o User who invoked the operation.
o Date and time of the operation.
o Tuples and attributes affected.
o Old value.
o New value.
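The following is an added example, not part of the original notes: an audit trail for the bank-account case above, built with Python's sqlite3 module and a trigger that records the fields listed. The table names, users and terminals are constructed, and because SQLite has no user accounts the session_ctx table is an assumed stand-in for the DBMS's own knowledge of who is connected.

```python
import sqlite3

SCHEMA = """
CREATE TABLE account (acc_no INTEGER PRIMARY KEY, balance INTEGER NOT NULL);
-- Assumption: the application records the current session in this table.
CREATE TABLE session_ctx (db_user TEXT, terminal TEXT, request TEXT);
CREATE TABLE audit_trail (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    request TEXT, terminal TEXT, db_user TEXT,
    changed_at TEXT DEFAULT CURRENT_TIMESTAMP,
    relation TEXT, tuple_key INTEGER, attribute TEXT,
    old_value INTEGER, new_value INTEGER);
-- The trigger runs inside the DBMS, so every balance update is logged automatically.
CREATE TRIGGER account_balance_audit AFTER UPDATE OF balance ON account
BEGIN
    INSERT INTO audit_trail (request, terminal, db_user, relation, tuple_key,
                             attribute, old_value, new_value)
    VALUES ((SELECT request FROM session_ctx), (SELECT terminal FROM session_ctx),
            (SELECT db_user FROM session_ctx), 'account', OLD.acc_no,
            'balance', OLD.balance, NEW.balance);
END;
"""

def open_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.execute("INSERT INTO account VALUES (101, 5000)")  # constructed sample row
    conn.commit()
    return conn

def run_as(conn, user, terminal, sql, params=()):
    """Execute one statement for a user; the session row is cleared afterwards."""
    conn.execute("INSERT INTO session_ctx VALUES (?, ?, ?)", (user, terminal, sql))
    try:
        conn.execute(sql, params)
    finally:
        conn.execute("DELETE FROM session_ctx")
        conn.commit()

def history(conn, acc_no):
    """Balance changes recorded for one account, oldest first."""
    return conn.execute(
        "SELECT db_user, terminal, old_value, new_value FROM audit_trail "
        "WHERE relation = 'account' AND tuple_key = ? ORDER BY id", (acc_no,)).fetchall()

def demo():
    conn = open_db()
    update = "UPDATE account SET balance = ? WHERE acc_no = ?"
    run_as(conn, "teller1", "tty3", update, (5200, 101))
    run_as(conn, "teller2", "tty7", update, (70, 101))   # the incorrect update
    conn.execute(update, (5070, 101))                    # issued outside run_as
    return history(conn, 101)
```

An update issued without a session row is still logged, with the user and terminal left empty, so an unattributed change shows up in the trail instead of going unrecorded.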
2. Mandatory access control (MAC):-
MAC is based on system-wide policies that cannot be changed by individual users.
It is used to enforce multilevel security by classifying the data and users into various
security classes or levels and then implementing the appropriate security policy of
the organization.
Thus, in this scheme each data object is labeled with a certain classification level
and each user is given a certain clearance level.
A given data object can then be accessed only by users with the appropriate
clearance for a particular classification level.
Thus, a MAC technique classifies data and users based on security classes such as
Top Secret (TS), Secret (S), Confidential (C) and Unclassified (U).
The DBMS determines whether a given user can read or write a given object based
on certain rules that involve the security level of the object and the clearance of the
user.
The commonly used MAC technique for multilevel security is known as the
Bell-LaPadula model.
The Bell-LaPadula model is described in terms of Subjects (Users, Accounts,
Programs), Objects (Relations or Tables, Tuples, Attributes, Views, Operations) and
clearance.
This model classifies each subject and object into one of the security classifications
TS, S, C, U.
The security classes in a system are organized according to a particular order, with a
most secure class and a least secure class.
This model enforces the following two restrictions on data access based on the
subject/object classification.
Simple Security Property :-
In this case, a subject S is not allowed read access to an object O unless the
classification of subject S is greater than or equal to the classification of object O.
class(S) ≥ class(O)
Star Security Property :-
In this case, a subject S is not allowed to write an object O unless
classification of subject S is less than or equal to classification of an object O.
class (S) ≤ class (O)
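The two properties can be written as a small access check. This is an added example, not part of the original notes; the users, objects and their levels are constructed sample data, and the ordering U < C < S < TS is the one given in the text.

```python
from enum import IntEnum

class Level(IntEnum):
    """Security classes in increasing order of sensitivity: U < C < S < TS."""
    U = 0
    C = 1
    S = 2
    TS = 3

def can_read(subject: Level, obj: Level) -> bool:
    """Simple security property: class(S) >= class(O)."""
    return subject >= obj

def can_write(subject: Level, obj: Level) -> bool:
    """Star property: class(S) <= class(O)."""
    return subject <= obj

# Constructed sample data: clearances of subjects and labels of objects.
CLEARANCE = {"clerk": Level.C, "analyst": Level.S, "director": Level.TS}
LABEL = {"price_list": Level.U, "payroll": Level.S, "merger_plan": Level.TS}

def decide(user: str, action: str, obj: str) -> str:
    """Decide one request; unknown users, objects or actions are denied."""
    if user not in CLEARANCE or obj not in LABEL:
        return "DENY (unknown subject or object)"
    s, o = CLEARANCE[user], LABEL[obj]
    if action == "read":
        ok, rule = can_read(s, o), "simple security property"
    elif action == "write":
        ok, rule = can_write(s, o), "star property"
    else:
        return "DENY (unknown action)"
    return "ALLOW" if ok else f"DENY ({rule}: {s.name} vs {o.name})"

def readable(user: str) -> list:
    """Names of the objects a user may read, sorted alphabetically."""
    return sorted(o for o, lvl in LABEL.items() if can_read(CLEARANCE[user], lvl))

if __name__ == "__main__":
    for req in [("analyst", "read", "payroll"), ("analyst", "read", "merger_plan"),
                ("analyst", "write", "price_list"), ("analyst", "write", "merger_plan")]:
        print(*req, "->", decide(*req))
```

The third request shows why the star property matters: a Secret subject writing into an Unclassified object could copy Secret data to where Unclassified users can read it.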
Firewalls :-
A firewall is a system designed to prevent unauthorized access to or from a private network.
Firewalls can be implemented in hardware, in software, or in a combination of
both.
They are frequently used to prevent unauthorized Internet users from accessing
private networks connected to the Internet, especially intranets.
All messages entering and leaving the intranet pass through the firewall, which examines
each message and blocks those that do not meet the specified security criteria.
The following are some of the firewall techniques :
Packet filter
Application Gateway
Circuit-level Gateway
Proxy Server
1. Packet Filter :-
o Packet Filter looks at each packet entering or leaving the network and accepts
or rejects it based on user-defined rules.
o Packet Filtering is a fairly effective mechanism and transparent to user.
2. Application Gateway :-
o In an application gateway, security mechanisms are applied to specific
applications such as File Transfer Protocol (FTP) and Telnet servers.
3. Circuit-level Gateway :-
o These security mechanisms are applied when a Transmission Control Protocol
(TCP) or User Datagram Protocol (UDP) connection is established. Once the
connection has been made, packets can flow between the hosts without
further checking.
4. Proxy Server :-
o A Proxy Server intercepts all messages entering and leaving the network. The
Proxy Server in effect hides the true network addresses.
Statistical Database Security :-
A statistical database security system is used to control access to a statistical
database, which is used to provide statistical information or summaries of values
based on various criteria.
A Statistical database contains confidential information about individuals or
organizations, which is used to answer Statistical queries concerning sums, averages,
and numbers with certain characteristics.
Thus a Statistical database permits queries that derive aggregated information, for
example, sums, averages, counts, maximums, minimums, standard deviations,
means, totals, or a query such as “What is the average salary of managers?”. It does
not permit queries that derive individual information, such as “What is the salary of
the employee named Kartik?”.
In Statistical queries, Statistical functions are applied to a population of tuples. A
population is a set of tuples of a relation that satisfy some selection condition.
For example, let us consider a relation schema EMPLOYEE :
Relation : EMPLOYEE
Emp_ID | Emp_Name | Gender | City | Phone | Salary
Each selection condition on the EMPLOYEE relation will specify a particular
population of EMPLOYEE tuples.
For example, the condition Gender = ‘M’ specifies the Male population and the condition
(Gender = ‘M’ and City = ‘Rajkot’) specifies the Male population who live in Rajkot.
Statistical database security prohibits users from retrieving individual data, such as
the salary of a specific employee.
This is controlled by prohibiting queries that retrieve attribute values and by allowing
only queries that involve Statistical aggregate functions such as SUM, MIN, MAX,
MEAN, COUNT etc.
Data Encryption :-
Data encryption is a method of coding or scrambling data so that humans cannot
read it.
In this method data is encrypted by a special algorithm that renders the data
unreadable by any program or human without the decryption key.
This technique is used to protect against threats in which a user attempts to bypass the system,
for example, by physically removing part of the database or by tapping into a
communication line and so on.
A data encryption technique converts readable data into unreadable data by use
of an algorithm.
Encrypted data cannot be read by any user unless that user knows the encryption
method.
Some of the encryption schemes that are used in database security are as follows :
Simple Substitution Method :-
Polyalphabetic Substitution Method :-
1. Simple Substitution Method :-
In this method each letter of plaintext is shifted to its immediate successor in the
alphabet.
The blank space appears immediately before the alphabet ‘a’ and it follows the
alphabet ‘z’.
For example the message “Well done” is encrypted as follows :
Encrypted form :- “xfmmaepof”
2. Polyalphabetic Substitution Method :-
In this method an encryption key is used.
Suppose we want to encrypt the message “Drive slow”. But now an encryption key is
given as, say for example, “safety”.
The encryption is done as follows:
The key is aligned beneath the plaintext and is repeated as many times as
necessary for the plaintext to be completely covered. In this example we would have
Well done
safetysaf
The blank space occupies the 27th (Last but one), and 28th (Last) position in the
alphabet. For each character, the alphabet position of the plaintext character and that of
the key character are added.
The resultant number is divided by 27 and the remainder is kept separately.
For our example, the first letter of the plaintext, ‘W’, is found at the 23rd position and the first
letter of the key, ‘s’, is found at the 19th position. Thus, (23+19) = 42. The remainder after
division by 27 is 15.
This process is called division modulo 27.
Now we find that the letter at the 15th position is ‘O’, thus the plaintext letter ‘W’ is
encrypted as ‘O’ in the ciphertext.
In this way all the letters can be encrypted.
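Both methods worked through in code, as an added example that is not part of the original notes. It assumes a 27-symbol alphabet with a = 1 ... z = 26 and the blank at position 27, and it assumes that a remainder of 0 stands for position 27 (the blank); decryption is the same procedure with the key position subtracted.

```python
# Assumed alphabet: positions 1..26 are a..z, position 27 is the blank.
ALPHABET = "abcdefghijklmnopqrstuvwxyz "

def position(ch):
    """1-based alphabet position; letters are folded to lower case."""
    idx = ALPHABET.find(ch.lower())
    if len(ch) != 1 or idx < 0:
        raise ValueError(f"character {ch!r} is not in the 27-symbol alphabet")
    return idx + 1

def symbol(pos):
    """Inverse of position(); a remainder of 0 maps to position 27 (assumption)."""
    return ALPHABET[(pos - 1) % 27]

def simple_substitution(plaintext):
    """Shift every symbol to its successor: z -> blank, blank -> a."""
    return "".join(symbol((position(ch) + 1) % 27) for ch in plaintext)

def _apply_key(text, key, sign):
    if not key:
        raise ValueError("key must not be empty")
    out = []
    for i, ch in enumerate(text):
        k = position(key[i % len(key)])      # key repeated to cover the text
        out.append(symbol((position(ch) + sign * k) % 27))
    return "".join(out)

def poly_encrypt(plaintext, key):
    """Add plaintext and key positions, keep the remainder modulo 27."""
    return _apply_key(plaintext, key, +1)

def poly_decrypt(ciphertext, key):
    """Subtract the key positions modulo 27 to recover the plaintext."""
    return _apply_key(ciphertext, key, -1)

if __name__ == "__main__":
    print(simple_substitution("Well done"))      # xfmmaepof
    print(poly_encrypt("Well done", "safety"))   # ofrqtbgok
    print(poly_decrypt("ofrqtbgok", "safety"))   # well done
```

In the simple substitution the repeated “ll” of “Well” becomes “mm”, so patterns in the plaintext remain visible in the ciphertext; with the key, the same two letters become “rq”.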