Unit 5
Security
COMPILED BY: GHANASHYAM BK
Introduction
Security in a database involves mechanisms to protect the data and ensure that it is not
accessed, altered, or deleted without proper authorization.
In other words, Database Security is the mechanism that protects the database against
intentional or accidental threats.
Why is Database Security needed?
When data are shared, multiple users access the data at the same time; database security is needed
to maintain the consistency of the data in the database.
With the growth of the Internet, data are accessed through the World Wide Web; database security is
needed to protect the data against hackers.
Plastic money is increasingly popular, so money transactions have to be safe. At the same time,
specialised software for entering a system illegally and extracting data is readily available.
Why is Database Security important?
Databases often store data which is sensitive in nature
Incorrect data or loss of data could negatively affect business operations
Security and integrity violations
The data stored in the database needs to be protected from unauthorized access, malicious
destruction or alteration, and accidental introduction of inconsistency.
Misuse of the database can be categorized as being either intentional (malicious) or accidental.
Accidental loss of data consistency may result from:
Crashes during transaction processing
Abnormalities due to concurrent access to the database
Abnormalities due to the distribution of data over several computers
Security and integrity violations
It is easier to protect against accidental loss of data consistency than against malicious
access to the database. Among the forms of malicious access are the following:
Unauthorized reading of data (theft of information)
Unauthorized modification of data
Unauthorized destruction of data
Absolute protection of the database from malicious abuse is not possible; the aim is to deter
most, if not all, attempts to access the database without proper authority.
The term database security usually refers to security from malicious access, while integrity
refers to the avoidance of accidental loss of consistency.
In practice, the dividing line between security and integrity is not always clear. We shall use the
term security to refer to both security and integrity in cases where the distinction between
these concepts is not essential.
Security and integrity violations
To protect the database, security measures must be taken at several levels:
Physical: The site or sites containing the computer systems must be physically secured
against armed or surreptitious entry by intruders.
Human: Authorization of users must be done carefully to reduce the chance of an authorized user
giving access to an intruder in exchange for a bribe or other favors.
Operating system: No matter how secure the database system is, a weakness in operating-system
security may serve as a means of unauthorized access to the database. Since almost all
database systems allow remote access through terminals or networks, software-level security
within the operating system is as important as physical security.
Database system: Some authorized database system users may be authorized to access only
a limited portion of the database. Other users may be allowed to issue queries, but may be
forbidden to modify the data. It is the responsibility of the database system to ensure that
these restrictions are not violated.
Integrity constraints
Integrity constraints provide a means of ensuring that changes made to the database by
authorized users do not result in a loss of data consistency.
In the E-R model, we saw integrity constraints in the form of:
Key declarations: the stipulation that certain attributes form a candidate key for a given entity
set constrains the set of legal insertions.
Form of a relationship: many-to-many, one-to-many, one-to-one. A one-to-one or one-to-many
relationship restricts the set of legal relationships among entities of a collection of
entity sets. Another example of an integrity constraint is set retention in the network model.
Access control
Database access control is a method of allowing access to company’s sensitive data only to
those people (database users) who are allowed to access such data and to restrict access to
unauthorized persons.
It includes two main components: authentication and authorization.
Authentication is a method of verifying the identity of a person who is accessing your
database.
Note that authentication isn’t enough to protect data. An additional layer of security is
required, authorization, which determines whether a user should be allowed to access the data
or make the transaction he’s attempting.
Without authentication and authorization, there is no data security.
Any company whose employees connect to the Internet, that is, every company today, needs
some level of access control implemented.
Types of Access Control
Discretionary Access Control (DAC)
With DAC models, the data owner allows access. DAC is a means of assigning access rights
based on user-specified rules.
Mandatory Access Control (MAC)
MAC was developed using a nondiscretionary model, in which people are granted access
based on an information clearance. MAC is a policy in which access rights are assigned based
on central authority regulations.
Role Based Access Control (RBAC)
RBAC grants access based on a user’s role and implements key security principles such as
“least privilege” and “separation of privilege.” Thus, someone attempting to access
information can only access data necessary for their role.
Discretionary Access Control (DAC)
In discretionary access control (DAC), the owner of the object specifies (decides) which
subjects (user) can access the object.
In this method a single user can have different rights on different objects, and different
users can have different rights on the same object.
Mandatory Access Control (MAC)
In this method, rights are not granted to individual users.
Instead, all users and all objects are classified into categories.
Each user is assigned a clearance level and each object is assigned a security level.
A user can access an object of a particular security level only if he has the proper clearance level.
The DBMS (system) determines whether a given user can read or write a given object based on
a set of rules.
These rules make sure that sensitive data can never be passed to a user without the necessary
clearance.
Mandatory Access Control (MAC)
Mandatory access control technique for multi-level security uses four components:
Subjects:- Such as users, accounts, programs etc.
Objects:- Such as relation (table), tuples (records), attribute (column), view etc.
Clearance level:- Such as top secret (TS), secret (S), confidential (C), Unclassified (U). Each subject is
classified into one of these four classes.
Security level:- Such as top secret (TS), secret (S), confidential (C), Unclassified (U). Each object is classified
into one of these four classes.
In the above system TS>S>C>U, where TS>S means that a class TS object is more sensitive than a class S object.
A user can access data according to the following two rules:
Security property:-
Security property states that a subject at a given security level may not read an object at a higher
security level.
Star (*) security property:-
Star (*) property states that a subject at a given security level may not write to any object at a lower
security level.
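As an added illustration (not part of these slides), the two rules above can be written as a small Python reference monitor. The four classes and the ordering TS > S > C > U are taken from the slide; the patient relation, its tuple-level labels and the function names are constructed for this example.

```python
# Security classes from the slide, ranked so that TS > S > C > U.
RANK = {"U": 0, "C": 1, "S": 2, "TS": 3}


def dominates(higher, lower):
    """True when class `higher` is at least as sensitive as class `lower`."""
    return RANK[higher] >= RANK[lower]


def may_read(clearance, object_level):
    """Security property (no read up): a subject may read only objects at or below its clearance."""
    return dominates(clearance, object_level)


def may_write(clearance, object_level):
    """Star property (no write down): a subject may write only objects at or above its clearance."""
    return dominates(object_level, clearance)


def decide(clearance, object_level, operation):
    """Reference-monitor decision for one access request."""
    if operation == "read":
        return may_read(clearance, object_level)
    if operation == "write":
        return may_write(clearance, object_level)
    raise ValueError(f"unknown operation {operation!r}")


# Constructed multilevel relation: every tuple carries its own security level
# (a DBMS would keep this in a classification column the user cannot edit).
PATIENTS = [
    ("P1", "Anita", "U"),
    ("P2", "Rahul", "C"),
    ("P3", "Deepak", "S"),
    ("P4", "Patient X", "TS"),
]


def visible_tuples(clearance, rows):
    """Tuples a subject may read. Higher-level tuples are filtered out silently rather
    than reported as an error, so their very existence is not leaked."""
    return [row for row in rows if may_read(clearance, row[2])]


def writable_levels(clearance):
    """Object levels a subject may write to, lowest first."""
    ordered = sorted(RANK, key=RANK.get)
    return [level for level in ordered if may_write(clearance, level)]


if __name__ == "__main__":
    for clearance in ("U", "C", "S", "TS"):
        print(clearance, "sees", [r[0] for r in visible_tuples(clearance, PATIENTS)],
              "and may write to", writable_levels(clearance))
```

Note the asymmetry the two rules create: a subject cleared at C sees only U and C tuples, yet may write to C, S and TS objects. That is exactly what prevents a program running at a high level from copying sensitive data down into a low-level object.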
Role Based Access Control (RBAC)
It restricts database access based on a person's role within an organization. The roles in RBAC
refer to the levels of access that employees have to the network.
Employees are only allowed to access the information necessary to effectively perform their
job duties.
Access can be based on several factors, such as authority, responsibility, and job competency.
In addition, access to computer resources can be limited to specific tasks such as the ability to
view, create, or modify a file.
Lower-level employees usually do not have access to sensitive data if they do not need it to
fulfil their responsibilities.
Using RBAC will help in securing your company’s sensitive data and important applications.
Authorization
A user may have several forms of authorization on part of the database.
Among these are the following:
Read authorization, which allows reading, but not modification of data
Insert authorization, which allows insertion of new data, but not the modification of existing data
Update authorization, which allows modification, but not deletion, of data
Delete authorization, which allows deletion of data.
Authorization
In addition to the above forms of authorization for access to data, a user may be granted
authorization to modify the database scheme:
Index authorization, which allows creation and deletion of indices
Resource authorization, which allows the creation of new relations
Alteration authorization, which allows the addition or deletion of attributes in a relation
Drop authorization, which allows the deletion of relations
The drop and delete authorization differ in that delete authorization allows deletion of tuples
only. If a user deletes all tuples of a relation, the relation still exists, but it is empty. If a relation is
dropped, it no longer exists.
Views
The concept of views is a means of providing a user with a “personalized” model of the database.
A view can hide data that a user does not need to see.
The ability of views to hide data serves both to simplify usage of the system and to enhance security.
System usage is simplified since the user is allowed to restrict attention to the data of interest.
Security is provided if there is a mechanism to restrict the user to his or her personal view or views.
Relational database systems typically provide security at two levels:
Relation: A user may be permitted or denied direct access to a relation
View: A user may be permitted or denied access to data appearing in a view.
Although a user may be denied direct access to a relation, the user may be able to access part of that
relation through a view. Thus, a combination of relational level security and view level security can be
used to limit a user’s access to precisely the data that user needs.
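The authorization forms listed earlier (read, insert, update, delete and drop) together with the two levels of security described here (relation level and view level) can be exercised with SQLite's authorizer callback. The following Python example is added to these notes and is not from the slides; the employees relation, the public_staff view, the user names and the grant matrix are constructed assumptions. SQLite calls the authorizer while it compiles a statement, passing the action code, the relation and column involved, the database name and the name of the view (or trigger) on whose behalf the access is made, or None for direct access.

```python
import sqlite3

# Constructed sample relation with a sensitive column (not from the slides).
EMPLOYEES = [
    (1, "Alice", "Engineering", 98000, "123-45-6789"),
    (2, "Bob", "Finance", 87000, "987-65-4321"),
]

# Views and the base-table columns each one exposes. A grant on a view may
# reach the base relation only through these columns.
VIEW_DEFS = {"public_staff": ("employees", {"name", "dept"})}

# Authorization matrix in the slides' terms: read/insert/update/delete are data
# authorizations, drop is a schema authorization. Nobody is granted drop here.
GRANTS = {
    "hr_manager": {"employees": {"read", "insert", "update", "delete"}},
    "receptionist": {"public_staff": {"read"}},
}

# SQLite authorizer action codes mapped onto those authorization forms.
ACTIONS = {
    sqlite3.SQLITE_READ: "read",
    sqlite3.SQLITE_INSERT: "insert",
    sqlite3.SQLITE_UPDATE: "update",
    sqlite3.SQLITE_DELETE: "delete",
    sqlite3.SQLITE_DROP_TABLE: "drop",
}
# Statement-level actions that touch no data by themselves.
ALWAYS_OK = {sqlite3.SQLITE_SELECT, sqlite3.SQLITE_FUNCTION, sqlite3.SQLITE_TRANSACTION}


def build_db():
    """Create the in-memory database, base relation and view as the owner (no authorizer yet)."""
    # Authorization runs when a statement is compiled, so the Python-side
    # statement cache is disabled to make sure every execution is re-checked.
    conn = sqlite3.connect(":memory:", cached_statements=0)
    conn.execute("CREATE TABLE employees (id INTEGER PRIMARY KEY, name TEXT, dept TEXT, "
                 "salary INTEGER, ssn TEXT)")
    conn.executemany("INSERT INTO employees VALUES (?, ?, ?, ?, ?)", EMPLOYEES)
    conn.execute("CREATE VIEW public_staff AS SELECT name, dept FROM employees")
    conn.commit()
    return conn


def make_authorizer(user):
    grants = GRANTS.get(user, {})

    def authorizer(action, arg1, arg2, db_name, source):
        # `source` is the view (or trigger) on whose behalf SQLite performs the
        # access, or None when the statement touches the relation directly.
        if action in ALWAYS_OK:
            return sqlite3.SQLITE_OK
        privilege = ACTIONS.get(action)
        if privilege is None:
            return sqlite3.SQLITE_DENY          # anything unlisted (other DDL, pragmas, ...) is denied
        if privilege in grants.get(arg1, set()):
            return sqlite3.SQLITE_OK            # direct grant on the relation or view
        if privilege == "read" and "read" in grants.get(source, set()) and source in VIEW_DEFS:
            base, columns = VIEW_DEFS[source]
            if arg1 == base and arg2 in columns:
                return sqlite3.SQLITE_OK        # view-level read reaches only the view's own columns
        return sqlite3.SQLITE_DENY

    return authorizer


def run_as(conn, user, sql):
    """Execute `sql` on behalf of `user`; returns (True, rows) or (False, reason)."""
    conn.set_authorizer(make_authorizer(user))   # stays in force until the next run_as
    try:
        return True, conn.execute(sql).fetchall()
    except sqlite3.DatabaseError as exc:         # SQLite reports a refusal as "not authorized"
        return False, str(exc)


if __name__ == "__main__":
    db = build_db()
    print(run_as(db, "receptionist", "SELECT name, dept FROM public_staff"))
    print(run_as(db, "receptionist", "SELECT ssn FROM employees"))
    print(run_as(db, "hr_manager", "DELETE FROM employees WHERE name = 'Bob'"))
    print(run_as(db, "hr_manager", "DROP TABLE employees"))
```

The receptionist is denied direct access to the employees relation but sees name and dept through public_staff, which is the combination of relation-level and view-level security described above. The hr_manager can delete tuples, after which the relation still exists, whereas DROP TABLE is refused because no user holds drop authorization. The pass-through check is keyed on the columns the view actually exposes rather than on the view name alone, so a read of a column the view does not expose is refused even when SQLite reports it as made in the view's name.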
Data Encryption
Encryption is a security method in which information is encoded in such a way that only
authorized users can read (understand) it.
It uses an encryption algorithm to generate ciphertext that can only be read after it is decrypted.
Data Encryption
Data encryption is the process of encoding (translating) a message or information in such a
way that only authorized persons can access it and those who are not authorized cannot.
Encryption is the process of translating plaintext data (plaintext) into something that appears
to be meaningless (ciphertext).
Decryption is the process of converting ciphertext back to plaintext.
Types of Encryption
Symmetric key encryption / Private key encryption
Asymmetric key encryption / Public key encryption
Types of Encryption
Symmetric key encryption
Encryption and decryption keys are the same.
The same key is used by the sender to encrypt the data, and again by the receiver to
decrypt the data.
Symmetric key encryption is fast in execution.
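To make the "same key on both sides" point concrete, here is an added Python example (not from the slides) that builds a small symmetric scheme from the standard library only: a keystream derived with HMAC-SHA256 in counter mode is XORed with the plaintext, and a separate HMAC tag lets the receiver verify, with that same key, that the ciphertext is intact. The sample message, the key handling and the function names are constructed for this example; in practice a vetted library cipher such as AES-GCM would replace this construction.

```python
import hashlib
import hmac
import os

NONCE_LEN = 16   # random per-message value so equal plaintexts encrypt differently
TAG_LEN = 32     # HMAC-SHA256 output length


def _subkey(key, purpose):
    """Derive independent encryption and authentication keys from the one shared key."""
    return hmac.new(key, purpose, hashlib.sha256).digest()


def _keystream(enc_key, nonce, length):
    """PRF in counter mode: HMAC(enc_key, nonce || counter) blocks, truncated to `length`."""
    blocks, counter = [], 0
    while sum(len(b) for b in blocks) < length:
        blocks.append(hmac.new(enc_key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]


def encrypt(key, plaintext, nonce=None):
    """Sender side: return nonce || ciphertext || tag. `nonce` is only passed in for testing."""
    nonce = os.urandom(NONCE_LEN) if nonce is None else nonce
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def decrypt(key, blob):
    """Receiver side: verify the tag with the same key, then strip the keystream.
    Raises ValueError on a wrong key or a modified message."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("message too short")
    nonce, ciphertext, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        raise ValueError("authentication failed: wrong key or tampered ciphertext")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, stream))


def roundtrip_ok(key, plaintext):
    """True when the receiver, holding the same key, recovers the original plaintext."""
    return decrypt(key, encrypt(key, plaintext)) == plaintext


def decrypts_with(key, blob):
    """True if `key` opens `blob`; a party holding a different key gets nothing."""
    try:
        decrypt(key, blob)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    shared_key = os.urandom(32)                    # constructed: the key both parties hold
    message = b"account 4411 balance 1200.50"      # constructed sample plaintext
    blob = encrypt(shared_key, message)
    print(decrypt(shared_key, blob))
    print(decrypts_with(os.urandom(32), blob))     # a different key cannot open it
```

The whole security of the scheme rests on the shared key staying secret, which is why key distribution is the hard part of symmetric encryption; the tag check also shows why a ciphertext stored in a database should be authenticated and not merely scrambled.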