KEMBAR78
Presentation on Database Security in DBMS | PPTX
Uploaded byGaurav977214
PPTX, PDF9 views

Presentation on Database Security in DBMS

DBMS Database Security

Download to read offline
Database Security Deepa Rani
What is data security? • Data security is the protection of the data from unauthorized users. • Only the authorized users are allowed to access the data. • Most of the users are allowed to access a part of database i.e., the data that is related to them or related to their department. • Mostly, the DBA or head of department can access all the data in the database. • Some users may be permitted only to retrieve data, whereas others are allowed to retrieve as well as to update data.
Security v/s Integrity Security Integrity Data security deals with protection of data. Data integrity deals with the validity of data. Data security is making sure that only the people who should have access to the data are the only ones who can access the data. Data integrity is making sure that the data is correct and not corrupt. Data security avoids from unauthorized access of data. Data integrity avoids from human errors, when data is entered. Data security is implemented through user account (passwords). Data integrity is implemented through constraints such as Primary key, Foreign key, Check constraints etc.
Database security issues  Database security a broad area  Legal, ethical, policy, and system-related issues  Threats to databases  Loss of integrity  Improper modification of information  Loss of availability  Legitimate user cannot access data objects  Loss of confidentiality  Unauthorized disclosure of confidential information
 Threats to databases  Loss of integrity  Loss of availability  Loss of confidentiality  To protect databases against these types of threats four kinds of countermeasures can be implemented:  Access control  Inference control  Flow control  Encryption Database security issues
Database security issues  A DBMS typically includes a database security and authorization subsystem that is responsible for ensuring the security portions of a database against unauthorized access.  Two types of database security mechanisms:  Discretionary security mechanisms  Mandatory security mechanisms
Control Measures  Control measures  Access control  Handled by creating user accounts and passwords  Inference control (for statistical DBs)  Must ensure information about individuals cannot be accessed.  database security discipline that protects data so that it can be published without revealing confidential information  Flow control  Prevents information from flowing to unauthorized users  Data encryption  Used to protect sensitive transmitted data
 Database administrator (DBA)  Central authority for administering database system  Superuser or system account  DBA-privileged commands  Account creation  Privilege granting  Privilege revocation  Security level assignment Database Security and DBA
Access control methods of data security • There are three different methods of data access control: 1. Discretionary access control (DAC) 2. Mandatory access control (MAC) 3. Role based access control (RBAC)
Discretionary access control • In discretionary access control (DAC), the owner of the object specifies (decides) which subjects (user) can access the object. • In this method a single user can have different rights on different objects, as well as different user can have different rights on the same objects. RollNo Name Branch Sem SPI BL 101 Raju CE 3 6 1 101 Mitesh CE 5 9 0 102 Jay CE 3 8 0 Studen t HOD Coordinato r Faculty Studen t • Read and Write (Full rights) • On entire table (3 tuples) • Read and Write (Full rights) • Partial table (2 or 1 tuples) • Read (Partial rights) • Partial table (Only 1 tuple) • Read (Partial rights) • Partial table (2 or 1 tuples)
Discretionary access control • SQL support discretionary access control through the GRANT and REVOKE commands. • GRANT • This command gives rights to user for an object. • Syntax:- GRANT privilege ON object TO user [WITH GRANT OPTION] • REVOKE • This command takes back rights from user for an object. • Syntax:- REVOKE privilege ON object FROM user {RESTRICT/CASCADE}
Discretionary access control  Relation or table level (cont’d.)  Each relation R assigned an owner account  Owner of a relation given all privileges on that relation  Owner can grant privileges to other users on any owned relation  SELECT (retrieval or read) privilege on R  Modification privilege on R  References privilege on R
Discretionary access control  Consider owner A of relation R and other party B  A can create view V of R that includes only attributes A wants B to access  Grant SELECT on V to B  Can define the view with a query that selects only those tuples from R that A wants B to access
Revocation and Propagation of Privileges  Revoking of Privileges  Useful for granting a privilege temporarily  REVOKE command used to cancel a privilege  Propagation of privileges using the GRANT OPTION  If GRANT OPTION is given, B can grant privilege to other accounts  DBMS must keep track of how privileges were granted if DBMS allows propagation
Simple GRANT Syntax  GRANT priv_type [, priv_type] ... ON object_type TO user [user] ... [WITH GRANT OPTION ]
Example: Granting/Revoking Privileges  DBA to A1  GRANT CREATETAB TO A1;  A1 can create new tables  A1 creates relations Emp and Dept  A1 to A2  GRANT INSERT DELETE on Emp, Dept TO A2;  A2 was not given the WITH GRANT OPTION  A2 cannot give privilege to other users
Example: Granting/Revoking Privileges  A1 to A3  GRANT SELECT On Emp, Dept TO A3 WITH GRANT OPTION;  A3 given the WITH GRANT OPTION  A3 can give privilege to other users  A3 to A4  GRANT SELECT On Emp TO A4;  A4 cannot propagate the SELECT privilege
Mandatory access control • In this method individual user cannot get rights. • But all the users as well as all the objects are classified into different categories. • Each user is assigned a clearance level and each object is assigned a security level. • A user can access object of particular security level only if he has proper clearance level. • The DBMS (system) determines whether the given user can read or write a given object based on some rules. • This rule makes sure that sensitive data can never be passed to a user without necessary clearance. Top Secret Secret Confidential Unclassified
Mandatory access control • Mandatory access control technique for multi-level security uses four components: • Subjects:- Such as users, accounts, programs etc. • Objects:- Such as relation (table), tuples (records), attribute (column), view etc. • Clearance level:- Such as top secret (TS), secret (S), confidential (C), Unclassified (U). Each subject is classified into one of these four classes. • Security level:- Such as top secret (TS), secret (S), confidential (C), Unclassified (U). Each object is classified into one of these four classes. • In the above system TS>S>C>U, where TS>S means class TS object is more sensitive than class S object. • A user can access data by following two rules • Security property:- • Security property states that a subject at a given security level may not read an object at a higher security level. • Star (*) security property:- • Star (*) property states that a subject at a given security level may not write to any object at a lower security level.
Mandatory Access Control  Mandatory access control  Additional security policy that classifies data and users based on security classes  Typical security classes  Top secret  Secret  Confidential  Unclassified  Bell-LaPadula model  Subject and object classifications
 Simple security property  Subject S not allowed read access to object O unless class(S)≥class(O)  Star property (*-property)  Subject not allowed to write an object unless class(S)≤class(O)  Prevent information from flowing from higher to lower classifications  Attribute values and tuples considered as data objects Mandatory Access Control
Role-Based Access Control  Permissions associated with organizational roles  Users are assigned to appropriate roles  Can be used with traditional discretionary and mandatory access control  Mutual exclusion of roles  Both roles cannot be used simultaneously  Identity management
Role based access control (RBAC) rules • It restricts database access based on a person's role within an organization. The roles in RBAC refer to the levels of access that employees have to the network. • Employees are only allowed to access the information necessary to effectively perform their job duties. • Access can be based on several factors, such as authority, responsibility, and job competency. • In addition, access to computer resources can be limited to specific tasks such as the ability to view, create, or modify a file. • Lower-level employees usually do not have access to sensitive data if they do not need it to fulfil their responsibilities. • Using RBAC will help in securing your company’s sensitive data and important applications.
Audit trail (audit log) • An audit trail (audit log) is a record which will be generated for each and every transactions. • It will keep certain information about the transaction. • An audit trail (audit log) records • Who (user or the application program and a transaction number) • When (date and time) • From Where (location of the user and/or terminal) • What (identification of the data affected, as well as a before-and-after image of that portion of the database that was affected by the update operation)
Data encryption • Data encryption is the process of encoding (translating) a message or information in such a way that only authorized persons can access it and those who are not authorized cannot. • Encryption is the process of translating plaintext data (plaintext) into something that appears to be meaningless (ciphertext). • Decryption is the process of converting ciphertext back to plaintext. • Types of Encryption • Symmetric key encryption / Private key encryption • Asymmetric key encryption / Public key encryption
Types of Encryption • Symmetric key encryption • Encryption and decryption keys are the same. • The same key is used by the sender to encrypt the data, and again by the receiver to decrypt the data. • Symmetric key encryption is fast in execution. • Asymmetric key encryption • Encryption and decryption keys are the different (Public Key and Private Key). • Messages are encrypted by sender with one key (Public Key) and can be decrypted by receiver only by the other key (Private Key). • Asymmetric key encryption is slow in execution due to the high computational burden.
UNIT 6
Distributed Database
Presentation on Database Security in DBMS
Presentation on Database Security in DBMS

More Related Content

PPTX
Database Security Methods, DAC, MAC,View
byDr-Dipali Meher
 
PDF
Chapter 6 Database Security and Authorization (4).pdf
byabrehamcheru14
 
PPT
UNIT-1-Security.ppt
byDharaDarji5
 
PPTX
Database security and privacy
byMd. Ahasan Hasib
 
PPT
8034.ppt
byssuser77162c
 
PPTX
Database managementsystemes_Unit-7.pptxe
bychnrketan
 
PPTX
security and privacy in dbms and in sql database
bygourav kottawar
 
PPTX
Group 8 - Database Security Version 1.pptx
byHenryQuang1
 
Database Security Methods, DAC, MAC,View
byDr-Dipali Meher
 
Chapter 6 Database Security and Authorization (4).pdf
byabrehamcheru14
 
UNIT-1-Security.ppt
byDharaDarji5
 
Database security and privacy
byMd. Ahasan Hasib
 
8034.ppt
byssuser77162c
 
Database managementsystemes_Unit-7.pptxe
bychnrketan
 
security and privacy in dbms and in sql database
bygourav kottawar
 
Group 8 - Database Security Version 1.pptx
byHenryQuang1
 

Similar to Presentation on Database Security in DBMS

PPT
Lecture 7 Database security managent such as backup, replication.ppt
byAnnKingori
 
PPTX
3130703_DBMS_GTU_Study_Material_Presentations_Unit-8_16102020044754AM.pptx
byRameshPrasadBhatta2
 
PPTX
databasemanagementsystemsecuritycyb.pptx
byMuhammadMamman2
 
PPTX
Database Security and Management Systems
byIsmaelKakaRealsoft
 
PPT
Security and Authorization introductory notes.ppt
bySubburamSivakumar1
 
PPT
Data base security
bySara Nazir
 
PPTX
database Security for data security .pptx
byKarimAhmed722436
 
PDF
Data base Access Control a look at Fine grain Access method
byInternational Journal of Engineering Inventions www.ijeijournal.com
 
PPTX
Database Security ppt on digital marketing
bypoonamBhalla5
 
PPT
Database security
byPrabhat gangwar
 
PPTX
unit 5 in the database for master of Engineering
bypoonkodiraja2806
 
PPTX
Database Management System Security.pptx
byRoshni814224
 
PDF
Security Issues Surrounding Data Manipulation in a Relational Database
byDavid Murphy
 
PPT
UNIT 1 DBMS Security made by me it hrlps you to makr your future bright.ppt
byAnuradhaGupta789099
 
PPT
Chapter23
bygourab87
 
PDF
ch23-Database Security and Authorization.pdf
byMULE38
 
PDF
ch23-Database Security and Authorization.pdf
byMULE38
 
PDF
UNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdf
byKavitaShinde26
 
PPT
Lesson10 Database security
byMuhammad Sikandar Mustafa
 
PPTX
Database security
bySoftware Engineering
 
Lecture 7 Database security managent such as backup, replication.ppt
byAnnKingori
 
3130703_DBMS_GTU_Study_Material_Presentations_Unit-8_16102020044754AM.pptx
byRameshPrasadBhatta2
 
databasemanagementsystemsecuritycyb.pptx
byMuhammadMamman2
 
Database Security and Management Systems
byIsmaelKakaRealsoft
 
Security and Authorization introductory notes.ppt
bySubburamSivakumar1
 
Data base security
bySara Nazir
 
database Security for data security .pptx
byKarimAhmed722436
 
Data base Access Control a look at Fine grain Access method
byInternational Journal of Engineering Inventions www.ijeijournal.com
 
Database Security ppt on digital marketing
bypoonamBhalla5
 
Database security
byPrabhat gangwar
 
unit 5 in the database for master of Engineering
bypoonkodiraja2806
 
Database Management System Security.pptx
byRoshni814224
 
Security Issues Surrounding Data Manipulation in a Relational Database
byDavid Murphy
 
UNIT 1 DBMS Security made by me it hrlps you to makr your future bright.ppt
byAnuradhaGupta789099
 
Chapter23
bygourab87
 
ch23-Database Security and Authorization.pdf
byMULE38
 
ch23-Database Security and Authorization.pdf
byMULE38
 
UNIT 3- DATABASE INTEGRITY AND SECURITY CONCEPTS (1).pdf
byKavitaShinde26
 
Lesson10 Database security
byMuhammad Sikandar Mustafa
 
Database security
bySoftware Engineering
 

Recently uploaded

PPTX
How to Leverage a PIM for a Successful Data Migration 10 2025.pptx
byPaula Levy
 
PPTX
Feed Formulation PEARSON'S SQUARE METHOD.pptx
bybaginareca
 
PPTX
Agentic Systems and Compliance - A brief intro [1.2]
byrobertowilliams
 
PPTX
最新版加拿大卡莫森学院毕业证(CC毕业证书)原版定制成绩单在读证明学历认证
by西澳大利亚大学学历认证【Q微号:1954 292 140】办理学位证(UWA毕业证成绩单)
 
DOCX
Interview with Alannah(ec84b8c2c52c7a8751228128c29f19c8).docx
byjesusjeager
 
PPTX
Bəktiyev Əli-1.pptxyyyyyyyyyyyyyyyyyyyyyyyyy
bynecesen996
 
PDF
The Three-Level ANSI-SPARC Architecture.pdf
byssusere261f6
 
PDF
WORLD BANK - Keys to Energy-Efficient Shipping
byEl Estrecho Digital
 
PDF
RTP_AR_Basic_Learners' Workbook_KS2 [FOR REPRODUCTION] (1).pdf
byRHODABADTING
 
PPTX
MongoDB Developers Best Practices12.pptx
bysivasanniboina1
 
PPTX
Enhance Your Xero P&L in Power BI - Smarter Visuals, Sharper Insights
bySelect Distinct Limited
 
PPTX
Advocate ACS 2025-Dr Salman Shahid.pptx s
bySalmanShahidMamsa
 
DOCX
Why Buying, Old Gmail Accounts Still Matter.docx
byBEST IT SMM
 
PPTX
Tutorial 15 2023.pptx in the materal science
byraprapport3
 
PPTX
Human-relations (1).pptxajajjajjajajjajaj
bykellyjimalipio
 
DOCX
How to twitter Ads Accounts in 2025 (1).docx
byBEST IT SMM
 
PPTX
AoIR2025_LLM_assisted_frame_analysis.pptx
byLauraVodden
 
PPTX
Joseph_Opey_Youth_Digital_Academy_Presentation.pptx
byjosephopey1
 
PDF
Epicentrum Tourism Data August 2025 Bali
bysaravian2
 
PPTX
MLUP_ppt_1_ for project it help students who are eligible
byanshumanbehera981
 
How to Leverage a PIM for a Successful Data Migration 10 2025.pptx
byPaula Levy
 
Feed Formulation PEARSON'S SQUARE METHOD.pptx
bybaginareca
 
Agentic Systems and Compliance - A brief intro [1.2]
byrobertowilliams
 
最新版加拿大卡莫森学院毕业证(CC毕业证书)原版定制成绩单在读证明学历认证
by西澳大利亚大学学历认证【Q微号:1954 292 140】办理学位证(UWA毕业证成绩单)
 
Interview with Alannah(ec84b8c2c52c7a8751228128c29f19c8).docx
byjesusjeager
 
Bəktiyev Əli-1.pptxyyyyyyyyyyyyyyyyyyyyyyyyy
bynecesen996
 
The Three-Level ANSI-SPARC Architecture.pdf
byssusere261f6
 
WORLD BANK - Keys to Energy-Efficient Shipping
byEl Estrecho Digital
 
RTP_AR_Basic_Learners' Workbook_KS2 [FOR REPRODUCTION] (1).pdf
byRHODABADTING
 
MongoDB Developers Best Practices12.pptx
bysivasanniboina1
 
Enhance Your Xero P&L in Power BI - Smarter Visuals, Sharper Insights
bySelect Distinct Limited
 
Advocate ACS 2025-Dr Salman Shahid.pptx s
bySalmanShahidMamsa
 
Why Buying, Old Gmail Accounts Still Matter.docx
byBEST IT SMM
 
Tutorial 15 2023.pptx in the materal science
byraprapport3
 
Human-relations (1).pptxajajjajjajajjajaj
bykellyjimalipio
 
How to twitter Ads Accounts in 2025 (1).docx
byBEST IT SMM
 
AoIR2025_LLM_assisted_frame_analysis.pptx
byLauraVodden
 
Joseph_Opey_Youth_Digital_Academy_Presentation.pptx
byjosephopey1
 
Epicentrum Tourism Data August 2025 Bali
bysaravian2
 
MLUP_ppt_1_ for project it help students who are eligible
byanshumanbehera981
 

Presentation on Database Security in DBMS

  • 1.
  • 2.
    What is datasecurity? • Data security is the protection of the data from unauthorized users. • Only the authorized users are allowed to access the data. • Most of the users are allowed to access a part of database i.e., the data that is related to them or related to their department. • Mostly, the DBA or head of department can access all the data in the database. • Some users may be permitted only to retrieve data, whereas others are allowed to retrieve as well as to update data.
  • 3.
    Security v/s Integrity SecurityIntegrity Data security deals with protection of data. Data integrity deals with the validity of data. Data security is making sure that only the people who should have access to the data are the only ones who can access the data. Data integrity is making sure that the data is correct and not corrupt. Data security avoids from unauthorized access of data. Data integrity avoids from human errors, when data is entered. Data security is implemented through user account (passwords). Data integrity is implemented through constraints such as Primary key, Foreign key, Check constraints etc.
  • 4.
    Database security issues Database security a broad area  Legal, ethical, policy, and system-related issues  Threats to databases  Loss of integrity  Improper modification of information  Loss of availability  Legitimate user cannot access data objects  Loss of confidentiality  Unauthorized disclosure of confidential information
  • 5.
     Threats todatabases  Loss of integrity  Loss of availability  Loss of confidentiality  To protect databases against these types of threats four kinds of countermeasures can be implemented:  Access control  Inference control  Flow control  Encryption Database security issues
  • 6.
    Database security issues A DBMS typically includes a database security and authorization subsystem that is responsible for ensuring the security portions of a database against unauthorized access.  Two types of database security mechanisms:  Discretionary security mechanisms  Mandatory security mechanisms
  • 7.
    Control Measures  Controlmeasures  Access control  Handled by creating user accounts and passwords  Inference control (for statistical DBs)  Must ensure information about individuals cannot be accessed.  database security discipline that protects data so that it can be published without revealing confidential information  Flow control  Prevents information from flowing to unauthorized users  Data encryption  Used to protect sensitive transmitted data
  • 8.
     Database administrator(DBA)  Central authority for administering database system  Superuser or system account  DBA-privileged commands  Account creation  Privilege granting  Privilege revocation  Security level assignment Database Security and DBA
  • 9.
    Access control methodsof data security • There are three different methods of data access control: 1. Discretionary access control (DAC) 2. Mandatory access control (MAC) 3. Role based access control (RBAC)
  • 10.
    Discretionary access control •In discretionary access control (DAC), the owner of the object specifies (decides) which subjects (user) can access the object. • In this method a single user can have different rights on different objects, as well as different user can have different rights on the same objects. RollNo Name Branch Sem SPI BL 101 Raju CE 3 6 1 101 Mitesh CE 5 9 0 102 Jay CE 3 8 0 Studen t HOD Coordinato r Faculty Studen t • Read and Write (Full rights) • On entire table (3 tuples) • Read and Write (Full rights) • Partial table (2 or 1 tuples) • Read (Partial rights) • Partial table (Only 1 tuple) • Read (Partial rights) • Partial table (2 or 1 tuples)
  • 11.
    Discretionary access control •SQL support discretionary access control through the GRANT and REVOKE commands. • GRANT • This command gives rights to user for an object. • Syntax:- GRANT privilege ON object TO user [WITH GRANT OPTION] • REVOKE • This command takes back rights from user for an object. • Syntax:- REVOKE privilege ON object FROM user {RESTRICT/CASCADE}
  • 12.
    Discretionary access control Relation or table level (cont’d.)  Each relation R assigned an owner account  Owner of a relation given all privileges on that relation  Owner can grant privileges to other users on any owned relation  SELECT (retrieval or read) privilege on R  Modification privilege on R  References privilege on R
  • 13.
    Discretionary access control Consider owner A of relation R and other party B  A can create view V of R that includes only attributes A wants B to access  Grant SELECT on V to B  Can define the view with a query that selects only those tuples from R that A wants B to access
  • 14.
    Revocation and Propagationof Privileges  Revoking of Privileges  Useful for granting a privilege temporarily  REVOKE command used to cancel a privilege  Propagation of privileges using the GRANT OPTION  If GRANT OPTION is given, B can grant privilege to other accounts  DBMS must keep track of how privileges were granted if DBMS allows propagation
  • 15.
    Simple GRANT Syntax GRANT priv_type [, priv_type] ... ON object_type TO user [user] ... [WITH GRANT OPTION ]
  • 16.
    Example: Granting/Revoking Privileges DBA to A1  GRANT CREATETAB TO A1;  A1 can create new tables  A1 creates relations Emp and Dept  A1 to A2  GRANT INSERT DELETE on Emp, Dept TO A2;  A2 was not given the WITH GRANT OPTION  A2 cannot give privilege to other users
  • 17.
    Example: Granting/Revoking Privileges A1 to A3  GRANT SELECT On Emp, Dept TO A3 WITH GRANT OPTION;  A3 given the WITH GRANT OPTION  A3 can give privilege to other users  A3 to A4  GRANT SELECT On Emp TO A4;  A4 cannot propagate the SELECT privilege
  • 18.
    Mandatory access control •In this method individual user cannot get rights. • But all the users as well as all the objects are classified into different categories. • Each user is assigned a clearance level and each object is assigned a security level. • A user can access object of particular security level only if he has proper clearance level. • The DBMS (system) determines whether the given user can read or write a given object based on some rules. • This rule makes sure that sensitive data can never be passed to a user without necessary clearance. Top Secret Secret Confidential Unclassified
  • 19.
    Mandatory access control •Mandatory access control technique for multi-level security uses four components: • Subjects:- Such as users, accounts, programs etc. • Objects:- Such as relation (table), tuples (records), attribute (column), view etc. • Clearance level:- Such as top secret (TS), secret (S), confidential (C), Unclassified (U). Each subject is classified into one of these four classes. • Security level:- Such as top secret (TS), secret (S), confidential (C), Unclassified (U). Each object is classified into one of these four classes. • In the above system TS>S>C>U, where TS>S means class TS object is more sensitive than class S object. • A user can access data by following two rules • Security property:- • Security property states that a subject at a given security level may not read an object at a higher security level. • Star (*) security property:- • Star (*) property states that a subject at a given security level may not write to any object at a lower security level.
  • 20.
    Mandatory Access Control Mandatory access control  Additional security policy that classifies data and users based on security classes  Typical security classes  Top secret  Secret  Confidential  Unclassified  Bell-LaPadula model  Subject and object classifications
  • 21.
     Simple securityproperty  Subject S not allowed read access to object O unless class(S)≥class(O)  Star property (*-property)  Subject not allowed to write an object unless class(S)≤class(O)  Prevent information from flowing from higher to lower classifications  Attribute values and tuples considered as data objects Mandatory Access Control
  • 22.
    Role-Based Access Control Permissions associated with organizational roles  Users are assigned to appropriate roles  Can be used with traditional discretionary and mandatory access control  Mutual exclusion of roles  Both roles cannot be used simultaneously  Identity management
  • 23.
    Role based accesscontrol (RBAC) rules • It restricts database access based on a person's role within an organization. The roles in RBAC refer to the levels of access that employees have to the network. • Employees are only allowed to access the information necessary to effectively perform their job duties. • Access can be based on several factors, such as authority, responsibility, and job competency. • In addition, access to computer resources can be limited to specific tasks such as the ability to view, create, or modify a file. • Lower-level employees usually do not have access to sensitive data if they do not need it to fulfil their responsibilities. • Using RBAC will help in securing your company’s sensitive data and important applications.
  • 24.
    Audit trail (auditlog) • An audit trail (audit log) is a record which will be generated for each and every transactions. • It will keep certain information about the transaction. • An audit trail (audit log) records • Who (user or the application program and a transaction number) • When (date and time) • From Where (location of the user and/or terminal) • What (identification of the data affected, as well as a before-and-after image of that portion of the database that was affected by the update operation)
  • 25.
    Data encryption • Dataencryption is the process of encoding (translating) a message or information in such a way that only authorized persons can access it and those who are not authorized cannot. • Encryption is the process of translating plaintext data (plaintext) into something that appears to be meaningless (ciphertext). • Decryption is the process of converting ciphertext back to plaintext. • Types of Encryption • Symmetric key encryption / Private key encryption • Asymmetric key encryption / Public key encryption
  • 26.
    Types of Encryption •Symmetric key encryption • Encryption and decryption keys are the same. • The same key is used by the sender to encrypt the data, and again by the receiver to decrypt the data. • Symmetric key encryption is fast in execution. • Asymmetric key encryption • Encryption and decryption keys are the different (Public Key and Private Key). • Messages are encrypted by sender with one key (Public Key) and can be decrypted by receiver only by the other key (Private Key). • Asymmetric key encryption is slow in execution due to the high computational burden.
  • 27.
  • 28.