
MODELLING PERSISTENT DATA: CS27020



Presentation Transcript


  1. MODELLING PERSISTENT DATA: CS27020 Database Security Nitin Naik

  2. Database: The Backbone Of An Organization • User • Database Administrator • System Administrator

  3. Database Security • Database Security is the mechanism that protects the database against intentional or accidental threats. • Database security can be defined as a system or process by which the Confidentiality, Integrity, and Availability (CIA) of the database are protected. • Database security can also be defined as a system or process of Authentication, Authorization, and Auditing (3A).

  4. Security Objective

  5. Levels of Security Measures • Database System • Operating System • Network • Physical • Human

  6. Privileges • Privileges define the access rights granted to a user on a database object. • A database privilege is the right to execute a specific SQL statement. • Privileges can either be granted to or revoked from a user explicitly, or be assigned through a Role. • There are two common types of privileges in SQL: • System Privileges - These allow the user to CREATE, ALTER, or DROP database objects. • Object Privileges - These allow the user to SELECT, INSERT, UPDATE or DELETE data in, or EXECUTE, the database objects to which the privileges apply.

  7. GRANT and REVOKE Privileges in SQL • GRANT privilege_list ON resource TO user_list; • REVOKE privilege_list ON resource FROM user_list; • privilege_list includes SELECT, INSERT, etc. • resource may be a table, database, function, etc. • user_list may be individual users, or may be a user group (a Role).

  8. Roles • Roles are a collection of privileges or access rights. • When there are many users in a database it becomes difficult to grant or revoke privileges to or from each user individually. • Therefore, if you define Roles, you can grant or revoke privileges on the Role, thereby automatically granting or revoking those privileges for every user who holds the Role. • Roles are used to group users who have common privilege requirements. • You can either create Roles or use the system Roles pre-defined by the database system. • Roles can also be granted to other Roles.

  9. SQL System Roles • Some of the privileges granted to the system Roles are as given below:

  10. Managing Roles in SQL Creating Role: • CREATE ROLE role_name [IDENTIFIED BY password]; • CREATE ROLE web_developer; Granting Privileges to Roles: • GRANT CREATE TABLE TO web_developer; • GRANT CREATE VIEW TO web_developer; Granting Roles to Users: • GRANT web_developer TO user1; Revoking Privileges from Roles: • REVOKE CREATE VIEW FROM web_developer; Dropping Roles: • DROP ROLE web_developer;
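The privilege and role statements of slides 6 to 10, worked through end to end as an added example that is not part of the original slides. It assumes the PostgreSQL dialect (the slide's IDENTIFIED BY clause is Oracle syntax) and is run by an administrator; the schema, table, role and user names are constructed.

```sql
-- Assumed: PostgreSQL, executed by an administrator; every name below is constructed.
-- Roles model job functions: privileges go to roles, users only receive roles.
CREATE ROLE app_reader;          -- may only read application data
CREATE ROLE app_writer;          -- may also add and change data
CREATE ROLE web_developer;       -- may create objects in the application schema

CREATE SCHEMA app;
CREATE TABLE app.orders (id serial PRIMARY KEY, customer text, total numeric);

-- Object privileges: the least each role needs, nothing more.
GRANT USAGE ON SCHEMA app TO app_reader, app_writer, web_developer;
GRANT SELECT ON app.orders TO app_reader;
GRANT INSERT, UPDATE ON app.orders TO app_writer;

-- A role granted to another role: a writer inherits everything a reader holds.
GRANT app_reader TO app_writer;

-- System-level (DDL) privilege: only the developer role may create tables here.
GRANT CREATE ON SCHEMA app TO web_developer;

-- Users are LOGIN roles; they are given roles, never direct table privileges.
CREATE ROLE user1 LOGIN;
CREATE ROLE user2 LOGIN;
GRANT app_writer TO user1;
GRANT web_developer TO user1;
GRANT app_reader TO user2;

-- Revoking from the role (note FROM, not TO) changes every member at once.
REVOKE UPDATE ON app.orders FROM app_writer;

-- Verify what each role actually holds before signing off on the setup.
SELECT grantee, privilege_type
FROM information_schema.role_table_grants
WHERE table_schema = 'app' AND table_name = 'orders'
ORDER BY grantee, privilege_type;

-- A role cannot be dropped while it still holds privileges on objects:
-- revoke them first, remove its members, then drop it.
REVOKE ALL ON SCHEMA app FROM web_developer;
REVOKE web_developer FROM user1;
DROP ROLE web_developer;
```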

  11. Threats and Risks to Databases • Excessive Privilege Abuse • Legitimate Privilege Abuse • Privilege Elevation • Database Platform Vulnerabilities • SQL Injection • Weak Audit Trail • Denial of Service • Database Communication Protocol Vulnerabilities • Weak Authentication • Backup Data Exposure • Unpatched Vulnerabilities • Advanced Persistent Threats • Misconfigurations • Insider Attacks • Insider Mistakes • Social Engineering

  12. Countermeasures • Authentication • Authorization • Access Control • Discretionary Access Control (DAC) • Role Based Access Control (RBAC) • Mandatory Access Control (MAC) • Enforce Integrity Constraints • Encryption • Steganography • Ensure Fault-Tolerant Hardware

  13. Authentication • Authentication ensures that only legitimate users gain access to the system. • Authentication means verifying the identity of someone (a user, device, or other entity) who wants to use data, resources, or applications. • Validating that identity establishes a trust relationship for further interactions. • After Authentication, Authorization processes can allow or limit the levels of access and action permitted to that entity.

  14. Authentication Levels • Authentication by the Application Software • Authentication by the Database System • Authentication by the Operating System • Authentication by the Network

  15. Authentication Methods & Protocols Authentication Methods: • Passwords • Public Key Cryptography • Zero Knowledge Proof • Digital Signature • Smartcard Authentication Protocols: • Secure Sockets Layer (SSL) • IPsec • Secure Shell (SSH) • Kerberos

  16. Authorization • Authorization allows us to specify where users should be allowed or denied access. • Authorization ensures that those users only have access to resources they are permitted to access. • Privileges and Roles decide the nature of Authorizations. • Authorizations are given as per the security policy of the organization.

  17. Access Control • Access control enables us to manage authorization (allow/deny) at a very granular level. • Access Control is a set of controls to allow or restrict access to certain database resources at certain levels. • Access controls can be constructed in a variety of manners: physical attributes, sets of rules, lists of individuals or systems, or more complex factors. • The selection of the appropriate Access Control Model by an organization should be done by considering various factors such as type of business, number of users, the organization’s security policy, etc. • There are three commonly used access control models: • Discretionary Access Control (DAC) • Mandatory Access Control (MAC) • Role-Based Access Control (RBAC)

  18. Discretionary Access Control (DAC) • The owner of a resource can give access rights on that resource to other users at their own discretion. • DAC policy is a means of assigning access rights based on rules specified by users. • DAC policies govern the access of users to information on the basis of the user’s identity and authorizations. • These rules specify the access modes for each user (or group of users) and each object in the system. • Security policy implementation is based on the granting and revoking of privileges by owners/users. • It is a flexible and widely used technique in many small organizations.

  19. Mandatory Access Control (MAC) • Users/owners do not enjoy the privilege of deciding who can access their resources. • Resources belong to an organization (rather than to individual members of it), and it is that organization which should control the security policy. • The administrator defines the usage and access policy, which cannot be modified or changed by users. • User and process access to resources is based upon an organizational (higher-level) security policy. • Every subject (user) and object (resource) is classified and assigned a security label. • The security labels of the subject and the object, along with the security policy, determine whether the subject can access the object. • This is a stricter and rather static Access Control model as compared to DAC. • Mostly suited to organizations where data classification and confidentiality are of prime importance.

  20. Role-Based Access Control (RBAC) • In the real world, security policies are dynamic. • Access rights, whether discretionary or mandatory, need to change as the responsibilities of users change. • This can make management of rights difficult. • When a new user is authorized for a system, the appropriate rights for that user must be established. • When a user changes job functions, some rights should be deleted, some maintained, and some added. • RBAC addresses this problem by changing the underlying Subject-Object model to a Role-Object model.

  21. Role-Based Access Control (RBAC) (continued) • A Role is a job function or title, i.e., a set of actions and responsibilities associated with a particular working activity. • Access to a resource is governed by the role that the subject holds within an organization. • Now, instead of an access control policy being a relation on Subjects, Objects, and Rights, the policy is a relation on Roles, Objects, and Rights. • Mostly suited to large organizations.
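DAC and MAC from slides 18 and 19 side by side in SQL, as an added example that is not from the original slides (RBAC is the role-based setup shown after slide 10). It assumes PostgreSQL run by a superuser, who uses SET ROLE to act as each user, and the users, tables, labels and clearances are constructed.

```sql
-- Assumed: PostgreSQL, executed by a superuser; every name below is constructed.
CREATE ROLE alice LOGIN;
CREATE ROLE bob LOGIN;

-- DAC: alice owns project_notes, so she alone decides who else may read it.
GRANT CREATE ON SCHEMA public TO alice;
SET ROLE alice;
CREATE TABLE project_notes (id serial PRIMARY KEY, note text);
GRANT SELECT ON project_notes TO bob;          -- the owner's discretion
RESET ROLE;

-- MAC: the administrator owns both the data and the policy; users change neither.
-- Every row carries a label and every user a clearance:
-- 1 = public, 2 = confidential, 3 = secret.
CREATE TABLE clearance (username text PRIMARY KEY, level int NOT NULL);
INSERT INTO clearance VALUES ('alice', 3), ('bob', 1);
GRANT SELECT ON clearance TO alice, bob;       -- read only: nobody raises their own level

CREATE TABLE patient_record (
    id    serial PRIMARY KEY,
    label int  NOT NULL CHECK (label BETWEEN 1 AND 3),
    data  text NOT NULL
);
INSERT INTO patient_record (label, data) VALUES
    (1, 'clinic opening hours'),
    (3, 'diagnosis for patient 4711');
GRANT SELECT ON patient_record TO alice, bob;

-- The label check is enforced by the database on every query, not by the
-- application, and only the table owner (the administrator) can alter the policy.
ALTER TABLE patient_record ENABLE ROW LEVEL SECURITY;
CREATE POLICY no_read_up ON patient_record FOR SELECT
    USING (label <= (SELECT level FROM clearance WHERE username = current_user));

-- bob (clearance 1) is shown only the public row; alice (clearance 3) sees both.
SET ROLE bob;
SELECT id, data FROM patient_record;
RESET ROLE;
SET ROLE alice;
SELECT id, data FROM patient_record;
RESET ROLE;
```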


  23. Thank You (nkn@aber.ac.uk)
