Department of Computer Science and Engineering (CSE)

Database Security

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Outline

• Introduction to Database Security

• Threats

• Security Plan

• Counter Measures

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Introduction

• Database security refers to the collective measures used to protect

and secure a database or database management software from
illegitimate use and malicious threats and attacks.
• It is a broad term that includes a multitude of processes, tools and
methodologies that ensure security within a database environment.
• Database security is generally planned, implemented and maintained by
a database administrator and or other information security
professional.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Introduction

• Database security covers and enforces security on all aspects and

components of databases. This includes:
• Data stored in database

• Database server

• Database management system (DBMS)

• Other database workflow applications

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Introduction

• Database security issues

– Legal and ethical issues
– Policy issues
– System-related issues
– The need to identify multiple security levels
• Various legal and ethical issues regarding the right to access
certain information— for example, some information may be
deemed to be private and cannot be accessed legally by unauthorized
organizations or persons. In the United States, there are numerous
laws governing privacy of information.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Introduction

• Policy issues at the governmental, institutional, or corporate level

regarding what kinds of information should not be made publicly
available—for example, credit ratings and personal medical
records.
• System-related issues such as the system levels at which various
security functions should be enforced—for example, whether a
security function should be handled at the physical hardware
level, the operating system level, or the DBMS level.
• The need in some organizations to identify multiple security levels
and to categorize the data and users based on these classifications—
for example, top secret, secret, confidential, and unclassified. The
security policy of the organization with respect to permitting access to
various classifications of data must be enforced.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Introduction

Database security is more than just important. It helps:

• Company’s block attacks, including ransomware and breached firewalls,
which in turn keeps sensitive information safe.
• Prevent malware or viral infections which can corrupt data, bring down a
network, and spread to all end point devices.
• Ensure that physical damage to the server doesn’t result in the loss of data.
• Prevent data loss through corruption of files or programming errors.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Threats to a database

• A threat is any situation or event, either intentional or

unintentional that may affect a system and organization.
• Some examples of threats includes:
• Using another person’s means of access
• Unauthorized alteration or copy of data
• Wire tapping
• Illegal entry by hacker
• Theft of data, program and equipment
• Viewing and disclosing unauthorized data
• Data corruption owing to power loss or surge
• Physical damage to equipment
• Breaking or disconnection of cables
• Fire, flood, bomb

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Threats to a database

• Threats to the database can be numerous. The threat can be accidental

or intentional. In either case, security of the database and the entire
system, including the network, operating system, the physical area
where the database resides and the personnel allowed access must all
be considered.
• A database administrator must have in place a security policy and
procedures in place to address potential threats to data.
• Generally a data security plan includes such procedures, including
physical protection methods and use of data management software.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Threats to a database

• The following threats must be addressed:

• Accidental losses
• It includes losses as a result of human error, software problems, hardware
problems
• Theft and fraud
• It includes intentional security breaches of data and unauthorized data
manipulation because of inadequate access controls, inadequate physical
security of the database
• Loss of privacy and confidentiality
• It includes loss of protection of an individual's data files.
• Loss of confidentiality refers to loss of protection of organizational data.
Failure to control these types of losses may lead to blackmail, public
embarrassment and bribery and loss of competitiveness

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Threats to a database

• Loss of data integrity

• Database integrity refers to the requirement that information be
protected from improper modification. Modification of data includes
creating, inserting, and updating data, changing the status of data and
deleting data. Integrity is lost if unauthorized changes are made to the
data by either intentional or accidental acts.
• Loss of data availability
• Database availability refers to making objects available to a human
user or a program who/which has a legitimate right to those data
objects. Loss of availability occurs when the user or program cannot
access these objects.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Security plan

• Identify the user community

• Gather the database information
• Determine the types of user account
• Undertake a threat analysis
• Establish DBA authorities and procedures
• Establish policies for managing (creating, deleting, auditing) user accounts
• Determine the user tracking policy
• Establish the user identification method
• Define security incidents and reporting procedure
• Assess the sensitivity of specific data objects
• Establish standards and enforcement procedures (as well as back-up and
recovery plans, of course)

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Counter Measures

• Four main control measures are used to provide security of data

in databases:
• Access control

• Inference control

• Flow control

• Data encryption

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Counter Measures

• Access Control
• A security problem common to computer systems is that of preventing
unauthorized persons from accessing the system itself either to obtain
information or to make malicious changes in a portion of the database.
• The security mechanism of a DBMS must include provisions for restricting
access to the database system as a whole. This function called access
control is handled by creating user accounts and passwords to control the
login process by the DBMS
• The database administrator (DBA) is the central authority for managing a
database system.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Counter Measures

• The DBA’s responsibilities include granting privileges to users who

need to use the system and classifying users and data in accordance
with the policy of the organization.
• The DBA is responsible for the overall security of the database system.
• DBA performs following types of actions:
• Account creation: This action creates a new account and password
for a user or a group of users to enable access to the DBMS. It is used
to control access to the DBMS as a whole.
• Privilege granting and Privilege revocation are used to control
discretionary database authorization.
• Security level assignment action consists of assigning user
accounts to the appropriate security clearance level. It is used to
used control mandatory authorization.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Counter Measures

• Discretionary access control is based on the idea of access rights or

privileges and mechanisms for giving users such privileges.
• A privilege allows a user to access some data object in a certain
manner (e.g. to read or modify). A user who creates data object such
as a table or a view automatically gets all applicable privileges on
that object and the user can also propagate privileges using "Grant
Option".
• The DBMS subsequently keeps track of how these privileges are
granted to other users and possibly revoked, and ensures that at all
times only users with the necessary privileges can access an object.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Counter Measures

• SQL Syntax
• SQL supports discretionary access control through the GRANT and
REVOKE commands.
• The GRANT command gives users privileges to base tables and views.
• The REVOKE command cancels user’s privileges.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Counter Measures

• For example:
• GRANT privilege1, privilege2, ... ROVOKE privilege1, privilege2,
ON object_name ON object_name
TO user1, user2, ... ; FROM user1, user2, ... ;

• GRANT SELECT, ALTER ROVOKE SELECT, ATLER

ON student ON student
TO db2_14 FROM db2_14

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Counter Measures

• Mandatory Access Control (MAC)

• Discretionary access control techniques been the main mechanism in
DBMS. In many applications, an additional security policy is needed to
classify data and users based on security classes.
• Mandatory access control can be combined with the discretionary access
control mechanisms.
• MAC policy management and settings are established in one secure
network and limited to system administrators.
• MAC provides tighter security because only a system administrator may
access or alter controls.
• MAC policies reduce security errors.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Counter Measures

• Typical security classes

• Top secret (TS)

• Secret (S)

• Confidential (C)

• Unclassified (U)

• Here TS is the highest level and U the lowest:

• TS > S > C > U

• Some DBMS vendors—for example, Oracle—have released special
versions of their RDBMSs that incorporate mandatory access control
for government use.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Counter Measures

• Inference Control
• Statistical databases are used to provide statistical information or
summaries of values based on various criteria. For example, a database
for population statistics may provide statistics based on age groups,
income levels, household size, education levels and other criteria.
• Statistical database users such as government statisticians or market
research firms are allowed to access the database to retrieve statistical
information about a population but not to access the detailed confidential
information about specific individuals.
• The security problem associated with databases is that of controlling the
access to a statistical database. The corresponding control measures are
called inference control measures.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Counter Measures

• Statistical database security techniques must prohibit the retrieval of

individual data. This can be achieved by prohibiting queries that
retrieve attribute values and by allowing only queries that involve
statistical aggregate functions such as COUNT, SUM, MIN, MAX,
AVERAGE, and STANDARD DEVIATION. Such queries are sometimes
called statistical queries.
• It is the responsibility of a database management system to ensure the
confidentiality of information about individuals while still providing
useful statistical summaries of data about those individuals to users.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Counter Measures

• Flow Control
• Flow control prevents information from flowing in such a way that it
reaches unauthorized users.
• Flow control regulates the distribution or flow of information among
accessible objects.
• A flow between object X and object Y occurs when a program reads
values from X and writes values into Y.
• Flow controls check that information contained in some objects does
not flow explicitly or implicitly into less protected objects.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Counter Measures

• Most flow controls employ some concept of security class, the transfer of
information from a sender to a receiver is allowed only if the receiver’s
security class is at least as privileged as the sender’s.
• Examples of a flow control include preventing a service program from
leaking a customer’s confidential data and blocking the transmission of
secret military data to an unknown classified user.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Counter Measures

• A flow policy specifies the channels along which information is allowed

to move.
• The simplest flow policy specifies just two classes of information—
confidential (C) and non-confidential (N)—and allows all flows except
those from class C to class N.
• For example, a military program with a secret clearance can only read
from objects that are unclassified and confidential and can only write
into objects that are secret or top secret.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Counter Measures

• Data encryption
• It is used to protect sensitive data (such as credit card numbers) that
is transmitted via some type of communications network. Encryption
can be used to provide additional protection for sensitive portions of
a database as well. The data is encoded using some coding algorithm.
• An unauthorized user who accesses encoded data will have difficulty
deciphering it, but authorized users are given decoding or decrypting
algorithms (or keys) to decipher the data.
• Encrypting techniques that are very difficult to decode without a key
have been developed for military applications. However, encrypted
database records are used today in both private organizations and
governmental and military applications.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

Counter Measures

• Laws defining what constitutes personal information vary from state to

state, systems must protect individuals’ privacy and enforce privacy
measures adequately. There exists two common forms or encryption that
are one-key and two key.
• With one-key approach, also known as Data Encryption Standard (DES),
both the sender and the receiver need to know the key that is used to
scramble the transmitted or stored data. A two-key approach, also known
as asymmetric encryption, employs a private and a public key. This
approach is popular in e-mail commerce applications for transmission
security and database storage of payment data such as credit card
numbers.
• Encryption techniques also includes digital signatures which are used in
personal communications.

University Institute of Engineering (UIE)

 Department of Computer Science and Engineering (CSE)

THANKS…..

University Institute of Engineering (UIE)