Database Security

Outline
• Introduction
• Security requirement
• Reliability and Integrity
• Sensitive data
• Inference
• Multilevel databases
• Multilevel security
Security requirements
• The list of requirements for database security:
– Physical database integrity
• E.g. power failure
– Logical database integrity
• The structure of the database is preserved; that is,
modification of one field does not affect other fields.
– Element Integrity
• The data contained in each element must be
accurate. This is ensured using field checks, access
control and a change log.
Security requirements (cont.)
• Auditability
– It is possible to track who or what has accessed or
modified the elements in the database.
• Access control
– A user is allowed to access only authorized data
• User authentication
– The user has to be positively identified for authorized
data access
• Availability
– A user can access all the data to which he has access.
Reliability and Integrity
Reliability: the database guards against loss or damage.
Database concerns about reliability and integrity can be
viewed from three dimensions:
1. Database integrity: whole database is protected
against damage (e.g. disk failure, corruption of data)
2. Element integrity: a specific data value is changed only
by authorized users.
3. Element accuracy: only correct values are written into
the elements of database.
Reliability and Integrity
• Two-phase update:
– First phase: intent phase
• Gathers all the resources it needs to perform
update.
• The last event of this phase is committing: the commit
flag is set.
– That is, the database has passed the point of no return.
– Second phase: makes the permanent changes
– Shadow values:
• These values are stored during the intent phase and
copied into the database during the commit phase.
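Added example (not part of the original slides): a minimal Python sketch of the two-phase update, showing why recovery is safe whether the failure happens before or after the commit flag is set. The names TwoPhaseStore and transfer_with_crash, the in-memory fields standing in for durable storage, and the "no negative balance" check are assumptions made for illustration.

```python
class TwoPhaseStore:
    """Illustration only: in-memory fields stand in for durable storage."""

    def __init__(self, data):
        self.data = dict(data)      # permanent values
        self.shadow = {}            # shadow values staged by the intent phase
        self.commit_flag = False    # True = point of no return has passed

    def intent(self, changes):
        """Phase 1: check and stage new values; permanent data is untouched."""
        self.shadow.clear()
        for key, delta in changes.items():
            new_value = self.data[key] + delta
            if new_value < 0:       # assumed element check: no negative balance
                self.shadow.clear()
                raise ValueError(f"{key} would become negative")
            self.shadow[key] = new_value

    def commit(self):
        """Last event of phase 1: set the commit flag."""
        self.commit_flag = True

    def apply(self, crash_after=None):
        """Phase 2: copy shadow values into the permanent data.
        crash_after=n simulates a failure once n elements have been copied."""
        for n, (key, value) in enumerate(self.shadow.items()):
            if crash_after is not None and n >= crash_after:
                return              # simulated crash: stop mid-copy
            self.data[key] = value
        self.shadow.clear()
        self.commit_flag = False

    def recover(self):
        """On restart: redo phase 2 if committed, otherwise drop staged values."""
        if self.commit_flag:
            self.apply()            # shadows hold final values, so a redo is safe
        else:
            self.shadow.clear()


def transfer_with_crash(crash_in_phase):
    """Move 30 from a to b, fail in phase 1 or 2, then recover."""
    store = TwoPhaseStore({"a": 100, "b": 50})   # constructed sample data
    store.intent({"a": -30, "b": +30})
    if crash_in_phase == 2:
        store.commit()
        store.apply(crash_after=1)               # only "a" reaches permanent data
    store.recover()
    return store.data
```

A failure in phase 1 leaves the original values in place; a failure in phase 2 is repaired by copying the shadow values again, so the database never stays in the half-updated state.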
Redundancy / Internal consistency
• To detect internal inconsistency, the DBMS maintains the
following information:
– Error detection and correction codes
– Shadow fields: duplicate fields, used for replacement in
case of error or data loss.
– Recovery: in case of failure, recover from a backup
copy
– Concurrency and consistency: in a multi-user system,
locking is required.
• Improper concurrent access may lead to conflicts, erroneous
data, etc.
• To resolve this problem, the DBMS treats the entire query-update
cycle as a single atomic operation
Monitors
• A monitor is a unit of the DBMS responsible for the
structural integrity of the database.
• It can check values being entered to ensure their
consistency.
– E.g. type mismatch
• Several forms of monitors:
– Range comparison.
– State constraints: describe the state of the entire database.
– Transition constraints: describe conditions necessary
before changes can be made to the database.
Sensitive data
• Data that should not be made public
• Factors that make data sensitive:
– Inherently sensitive: location of critical data itself
– Declared sensitive: by DBA
– Part of a database: an attribute or record
– Sensitive in relation to previously disclosed
information
• Access decision:
– “what” data and “who” should have access to it.
– The DBA's decisions are based on the access policy.
Types of disclosure
• Exact data: exact value of a sensitive data item
itself
• Bounds
• Negative result
• Existence of the data itself, not its value.
Security vs precision
• We want to disclose only those data that are not
sensitive.
• “We want to disclose as much data as possible
so that users of the database have access to the
data they need”
• This goal is called precision: it aims to protect all
sensitive data while revealing as much nonsensitive data as possible.
• Using precision we maintain perfect
confidentiality.
Inference