DISTRIBUTED DATABASE SECURITY DISTRIBUTED DATABASE
Fundamental data security requirements
• Confidentiality – allows individuals to see only the data that they are supposed to see
• Privacy of communication
• Secure storage
• Authenticated users
• Granular access control (authorization)
• Integrity – ensures that the data the database contains is valid and is protected from deletion and corruption, both while it resides within the database and while it is being transmitted over the network
• Availability – makes data available to authorized users without delay
Fundamental data security requirements (cont’d)
• System availability aspects
• Resistance
• Scalability
• Flexibility
• Ease of use
Cryptography
• Cryptography is the way to make data secure by creating a secret called a cipher
• Specific cryptographic functions include the following:
• Confidentiality – keeps the message private between the parties
• Authentication – allows the message receiver to validate the message source and to ensure the integrity of the message
• Nonrepudiation – validates the message source so strongly
Cryptography (cont’d)
• Conventional cryptography – symmetric key
• Message digest (MD) and message authentication code (MAC)
• Public key cryptography
• Digital signatures
• Digital certificates and certificate authorities
Securing communication
• Secure communications are required
• Between users and the DDBE
• Among the Sub-DBEs themselves
• Secure communication components: privacy, authentication, and integrity
• Example protocols:
• SSL/TLS
• Virtual Private Network (VPN) – SSH, IPsec
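
The difference between a message digest and a MAC for the integrity of an update sent between two Sub-DBEs, as an added example that is not part of the original slides. The shared key, the message layout and all function names are assumptions made for the illustration, and the sample update is constructed.

```python
import hashlib
import hmac
import json

# Constructed demo key (assumption): shared in advance by the two sites.
SHARED_KEY = b"constructed-demo-key"


def digest(payload: bytes) -> str:
    """Unkeyed message digest (SHA-256): anyone can recompute it."""
    return hashlib.sha256(payload).hexdigest()


def mac(payload: bytes, key: bytes = SHARED_KEY) -> str:
    """Keyed MAC (HMAC-SHA256): only holders of the key can produce the tag."""
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


def send_update(update: dict, key: bytes = SHARED_KEY) -> dict:
    """Sending site: serialize the update, attach a digest and a MAC."""
    payload = json.dumps(update, sort_keys=True).encode()
    return {"payload": payload, "digest": digest(payload), "mac": mac(payload, key)}


def modified_in_transit(msg: dict, new_update: dict) -> dict:
    """Model of a change made on the network by a party without the key:
    the payload and its digest can be rebuilt, the MAC tag cannot."""
    payload = json.dumps(new_update, sort_keys=True).encode()
    return {"payload": payload, "digest": digest(payload), "mac": msg["mac"]}


def verify_digest(msg: dict) -> bool:
    return hmac.compare_digest(digest(msg["payload"]), msg["digest"])


def verify_mac(msg: dict, key: bytes = SHARED_KEY) -> bool:
    # Constant-time comparison avoids leaking how many tag bytes matched.
    return hmac.compare_digest(mac(msg["payload"], key), msg["mac"])


if __name__ == "__main__":
    # Constructed sample update, not data from the slides.
    original = send_update({"table": "accounts", "id": 7, "balance": 100})
    altered = modified_in_transit(original, {"table": "accounts", "id": 7, "balance": 999})
    print("original:", verify_digest(original), verify_mac(original))
    print("altered: ", verify_digest(altered), verify_mac(altered))
```

The altered message still passes the digest check but fails the MAC check. Because both sites hold the same key, the MAC authenticates the sender to the receiver but does not provide nonrepudiation; that takes a digital signature.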
Securing data
• Securing data that is stored in the database
• Authentication and authorization
• Data encryption
• Validating SQL input
• Data inference
• Data auditing
Solving the security issues
• Valid / invalid user
• Physical environment security
• Source code update
• Data backup media protection
• Lost password policies
• Host operating system maintenance
• Firewall and IDS configuration