01 database security ent-db
DATABASE SECURITY
Database
• the heart of each information system
• a persistent collection of related data, where data are facts that have an implicit meaning.
• built to store logically interrelated data representing some aspect of the real world, which must be collected, processed, and made accessible to a given user population.
Database Concepts
Data Model
• The database is constructed according to a data model, which defines the way in which data and the interrelationships between them can be represented.
DBMS
• The collection of software programs that provide the functionality for defining, maintaining, and accessing data stored in a database is called a database management system (DBMS).
Database abstraction levels
Internal level
• describes the physical storage of the database
Conceptual (or logical) level
• provides users with a high-level description of the real world that the database represents
External level
• describes the views that different users or applications have on the stored data.
The internal level maps the logical objects supported by the data model to the physical objects of the underlying operating system.
Data Security
Confidentiality
• Concerned with improper disclosure of information. The terms secrecy and non-disclosure are synonyms for confidentiality.
Integrity
• Concerned with improper modification of information or processes.
Availability
• Concerned with improper denial of access to information. The term denial of service names the violation of availability, not the property itself.
Top Ten Database Security Threats
Excessive and Unused Privileges
• When someone is granted database privileges that exceed the requirements of their job function, these privileges can be abused.
Privilege Abuse
• Users may abuse legitimate database privileges for unauthorized purposes.
Input Injection (Formerly SQL Injection)
• Injection attacks usually involve inserting (or "injecting") unauthorized or malicious statements into the input fields of web applications; a successful injection can give the attacker access to the entire database through the application's own database account.
Malware
• Cybercriminals, state-sponsored hackers, and spies use advanced attacks that blend multiple tactics, such as spear-phishing emails and malware, to penetrate organizations and steal sensitive data.
Weak Audit Trail
• Automated recording of database transactions involving sensitive data should be part of any database deployment. Failure to collect detailed audit records of database activity represents a serious organizational risk on many levels.
Storage Media Exposure
• Backup storage media is often completely unprotected from attack.
Exploitation of Vulnerable, Misconfigured Databases
• It is common to find vulnerable and unpatched databases, or to discover databases that still have default accounts and configuration parameters.
Unmanaged Sensitive Data
• Many companies struggle to maintain an accurate inventory of their databases and the critical data objects contained within them.
Denial of Service
• Denial of Service (DoS) is a general attack category in which access to network applications or data is denied to intended users.
Limited Security Expertise and Education
• Many organizations are ill-equipped to deal with a security breach due to the lack of expertise required to implement security controls, enforce policies, or conduct incident response processes.
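The injection threat from the list above, as an added example that is not part of the slides: the same login lookup built by string concatenation and with bound parameters, run against an in-memory SQLite database. The users table, its rows and the attacker payload are constructed for this demonstration.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory database with a constructed users table (sample data)."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE users (
            id       INTEGER PRIMARY KEY,
            username TEXT NOT NULL,
            password TEXT NOT NULL,   -- plaintext only to keep the demo short
            role     TEXT NOT NULL
        );
        INSERT INTO users (username, password, role) VALUES
            ('alice', 'correct horse', 'admin'),
            ('bob',   'hunter2',       'staff');
    """)
    return con


def login_vulnerable(con, username, password):
    """Builds the statement by string concatenation. The input field becomes
    part of the SQL text, so a quote or comment marker typed by the user is
    parsed as SQL syntax instead of being compared as data."""
    sql = ("SELECT username, role FROM users WHERE username = '" + username
           + "' AND password = '" + password + "'")
    return con.execute(sql).fetchall()


def login_parameterized(con, username, password):
    """Sends the statement text and the values separately. The DBMS binds the
    values after parsing, so no input can change the statement's structure."""
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return con.execute(sql, (username, password)).fetchall()


def demo():
    """Run both variants with a constructed attacker payload that closes the
    string literal, adds an always-true predicate and comments out the
    password check. Returns the rows each variant handed back."""
    con = make_db()
    payload = "alice' OR '1'='1' --"
    return {
        "vulnerable": sorted(login_vulnerable(con, payload, "wrong")),
        "hardened": login_parameterized(con, payload, "wrong"),
        "legitimate": login_parameterized(con, "bob", "hunter2"),
    }


if __name__ == "__main__":
    for variant, rows in demo().items():
        print(f"{variant:>11}: {rows}")
```

With the payload and a wrong password, the concatenated statement returns every user in the table, while the parameterized one returns nothing; the legitimate login still works. The fix is structural (bind values, never splice them into SQL text), which is why input filtering alone is not a substitute.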
Approaches to Data Security
Prevention
• Prevention aims to stop security breaches before they occur. The basic technique is that the system examines every action and checks its conformance with the security policy before allowing it to occur.
• This technique is called access control.
Detection
• Detection ensures that a sufficient history of the activity in the system is recorded in an audit trail, so that a security breach can be detected after the fact.
• This technique is called auditing.
ACCESS CONTROL
Access Control Policies
Discretionary Access Control (DAC)
Mandatory Access Control (MAC)
Role-Based Access Control (RBAC)
Discretionary Access Control
• The word discretionary characterizes the fact that users can be given the ability to pass their privileges on to others.
• Discretionary access control policies are based on authorization rules.
• An authorization rule states that a subject has the privilege to exercise a given action on a given object.
• The kind (and granularity) of subjects, objects, and actions that can be referenced in authorizations may differ between systems.
Discretionary access control policies
Subjects
Subjects are the entities to which authorizations can be granted. Typically, subjects are users.
Objects
Objects are the entities to be protected. Typically, objects correspond to information containers (tables or portions of them) or procedures.
Actions
Actions define the specific operations that subjects can execute on objects. The actions to be supported include the basic read, write, delete, create, and execute operations.
Authorizations
• Authorizations define which accesses are to be allowed.
• The simplest form of authorization is a triple (subject, object, action) specifying that subject is authorized to exercise action on object.
• Example:
  subject     object             access
  Joe Black   Employee-relation  read
Granularity and Modes of Access Control
The entire database.
Some collection of relations.
One relation.
Some columns of one relation.
Some rows of one relation.
DAC modes in SQL operations
The ability to INSERT and DELETE is specified on a relation-by-relation basis.
SELECT is also usually specified on a relation-by-relation basis, although modern DBMSs such as PostgreSQL and MySQL also accept column lists for SELECT and INSERT privileges.
UPDATE can be restricted to certain columns of a relation.
Access Control Mechanisms
Security through Views
Grant and Revoke
Stored Procedures
Query modification
SECURITY THROUGH VIEWS
View Based Access Control
• A base relation is a "real" relation in the database, one that is actually stored in the database.
• A view is a "virtual" relation which is derived from base relations and other views.
• For retrieval purposes users need not distinguish between views and base relations.
• Views, therefore, provide a very powerful mechanism for specifying data-dependent authorization for data retrieval.
A user who has read access to TOY-DEPT (a view over EMPLOYEE restricted to the Toy Department) but no access to EMPLOYEE itself is thereby limited to retrieving information about employees in the Toy Department.
Suppose that a new employee Brown is inserted in the base relation EMPLOYEE, as shown in Table 3. The view TOY-DEPT will be automatically modified to include Brown, as shown in Table 4.
Views can also be used to provide access to statistical information (aggregates over rows the user may not see individually).
A view is simply another relation in the database, which happens to be automatically modified by the DBMS whenever its base relations are modified.
Problem: updates through views are difficult. A view built with joins or aggregates has no unique mapping back to base rows, so most DBMSs allow updates only through simple single-table views, if at all.
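The TOY-DEPT scenario above, as an added example that is not part of the slides: an EMPLOYEE relation, the restricted view and a statistical view in an in-memory SQLite database. SQLite has no GRANT, so "read access to the view but not to the base relation" is modelled with its authorizer hook; the rows are constructed, since the slides' Tables 1 to 4 are not in the transcript. The block also shows the insert propagating into the view and the update-through-view problem.

```python
import sqlite3


def make_db():
    """In-memory EMPLOYEE relation with constructed rows, plus the two views
    discussed above (the restricted view and a statistical view)."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE EMPLOYEE (NAME TEXT PRIMARY KEY, DEPT TEXT NOT NULL, SALARY INTEGER NOT NULL);
        INSERT INTO EMPLOYEE VALUES ('Smith', 'Toy', 10000), ('Jones', 'Candy', 20000), ('Adams', 'Toy', 12000);
        -- Data-dependent authorization: the view exposes only Toy Department rows.
        CREATE VIEW TOY_DEPT AS SELECT NAME, SALARY FROM EMPLOYEE WHERE DEPT = 'Toy';
        -- Statistical view: aggregates are visible, the individual rows are not.
        CREATE VIEW DEPT_STATS AS
            SELECT DEPT, COUNT(*) AS HEADCOUNT, AVG(SALARY) AS AVG_SALARY FROM EMPLOYEE GROUP BY DEPT;
    """)
    return con


def as_toy_user(con):
    """Model 'read access to TOY_DEPT but not to EMPLOYEE' with SQLite's
    authorizer callback. A direct column read of EMPLOYEE is denied; the same
    read made on behalf of a view is allowed, because SQLite passes the view's
    name as the `source` argument of the callback."""
    def authorizer(action, arg1, arg2, dbname, source):
        if action == sqlite3.SQLITE_READ and arg1 == "EMPLOYEE" and source is None:
            return sqlite3.SQLITE_DENY
        return sqlite3.SQLITE_OK
    con.set_authorizer(authorizer)
    return con


def query(con, sql):
    """Rows, or None when the DBMS refuses the statement."""
    try:
        return con.execute(sql).fetchall()
    except sqlite3.DatabaseError:
        return None


def hire(con, name, dept, salary):
    """Insert into the base relation; views reflect it on their next read."""
    con.execute("INSERT INTO EMPLOYEE VALUES (?, ?, ?)", (name, dept, salary))


def update_through_view(con, name, salary):
    """The update problem: SQLite views are read-only unless an INSTEAD OF
    trigger maps the change back to the base relation. Returns the DBMS
    error text, or None if the update went through."""
    try:
        con.execute("UPDATE TOY_DEPT SET SALARY = ? WHERE NAME = ?", (salary, name))
        return None
    except sqlite3.DatabaseError as exc:
        return str(exc)


if __name__ == "__main__":
    con = make_db()
    hire(con, "Brown", "Toy", 9000)
    print(query(con, "SELECT NAME, SALARY FROM TOY_DEPT ORDER BY NAME"))  # Brown appears
    print(update_through_view(con, "Smith", 99999))                       # refused by the DBMS
    toy = as_toy_user(make_db())
    print(query(toy, "SELECT NAME, SALARY FROM TOY_DEPT ORDER BY NAME"))  # allowed
    print(query(toy, "SELECT NAME, SALARY FROM EMPLOYEE"))                # None: denied
```

The authorizer stands in for the DBMS's privilege check: the Toy Department user can read the view and the department aggregates, but the same columns read directly from EMPLOYEE are refused. Note the view is re-evaluated on each query, so Brown shows up in TOY_DEPT immediately after the insert into the base relation.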
GRANTING AND REVOCATION OF ACCESS
Grant
• Granting and revocation allow users to selectively and dynamically grant privileges to other users, and subsequently revoke them if so desired.
• The GRANT command applies to base relations as well as views.
• In SQL, granting is accomplished by means of the GRANT statement, which has the following general format:
  GRANT <privileges> ON <object> TO <users> [WITH GRANT OPTION]
Some examples of GRANT statements
Note that it is not possible to grant a user the grant option on a privilege without also allowing that user to pass the grant option itself on to others: WITH GRANT OPTION is transitive.
Revoke
• Revocation in SQL is accomplished by means of the REVOKE statement, which has the following general format:
  REVOKE <privileges> ON <object> FROM <users> [CASCADE | RESTRICT]
• With CASCADE, privileges that other users obtained on the strength of the revoked one are revoked as well; with RESTRICT, the revocation is refused if such dependent privileges exist.
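GRANT with the grant option and REVOKE with CASCADE or RESTRICT, as an added example that is not part of the slides: a small Python model of the authorization state a DBMS keeps, including the note above that the grant option is itself passed on. The user names, the EMPLOYEE object and the scenario are constructed. Real DBMSs also record the time of each grant so that a revoke only removes grants that could not have been made without the revoked one; this model uses reachability from the owner instead and omits that refinement.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Grant:
    grantor: str
    grantee: str
    privilege: str      # e.g. "SELECT"
    obj: str            # e.g. "EMPLOYEE"
    grant_option: bool  # granted WITH GRANT OPTION


class Authorizations:
    """Authorization state of a DAC database: who owns each object and every
    grant still in force. Owners hold all privileges on their objects and may
    grant them; everyone else needs a grant."""

    def __init__(self, owners):
        self.owners = dict(owners)   # object name -> owning user (constructed)
        self.grants = []

    def holds(self, user, privilege, obj):
        return self.owners.get(obj) == user or any(
            g.grantee == user and g.privilege == privilege and g.obj == obj
            for g in self.grants)

    def can_grant(self, user, privilege, obj, grants=None):
        """Owner, or holder of the privilege WITH GRANT OPTION. The grant
        option is itself passed on: a grantee who has it may grant it."""
        grants = self.grants if grants is None else grants
        return self.owners.get(obj) == user or any(
            g.grantee == user and g.privilege == privilege and g.obj == obj
            and g.grant_option for g in grants)

    def grant(self, grantor, privilege, obj, grantee, with_grant_option=False):
        """GRANT privilege ON obj TO grantee [WITH GRANT OPTION], issued by grantor."""
        if not self.can_grant(grantor, privilege, obj):
            raise PermissionError(f"{grantor} may not grant {privilege} ON {obj}")
        self.grants.append(Grant(grantor, grantee, privilege, obj, with_grant_option))

    def _supported(self, grants):
        """Least fixpoint: keep only grants that trace back to the owner through
        a chain of grants that all carry the grant option. Grants that merely
        support each other in a cycle are dropped, which is the intended result."""
        kept = []
        changed = True
        while changed:
            changed = False
            for g in grants:
                if g not in kept and self.can_grant(g.grantor, g.privilege, g.obj, kept):
                    kept.append(g)
                    changed = True
        return [g for g in grants if g in kept]

    def revoke(self, grantor, privilege, obj, grantee, cascade=False):
        """REVOKE privilege ON obj FROM grantee, issued by grantor. Returns the
        grants removed. RESTRICT (the default) refuses the revocation when
        other users' privileges depend on the one being revoked; CASCADE
        removes those dependent grants as well."""
        direct = [g for g in self.grants if g.grantor == grantor and g.grantee == grantee
                  and g.privilege == privilege and g.obj == obj]
        if not direct:
            raise LookupError(f"{grantor} never granted {privilege} ON {obj} to {grantee}")
        remaining = self._supported([g for g in self.grants if g not in direct])
        dependent = [g for g in self.grants if g not in direct and g not in remaining]
        if dependent and not cascade:
            raise PermissionError("REVOKE ... RESTRICT refused: dependent privileges exist")
        self.grants = remaining
        return direct + dependent


def demo():
    """Constructed scenario: alice owns EMPLOYEE and grants SELECT down a chain."""
    auth = Authorizations({"EMPLOYEE": "alice"})
    auth.grant("alice", "SELECT", "EMPLOYEE", "bob", with_grant_option=True)
    auth.grant("bob", "SELECT", "EMPLOYEE", "carol", with_grant_option=True)  # passes the option on
    auth.grant("carol", "SELECT", "EMPLOYEE", "dave")
    auth.grant("alice", "SELECT", "EMPLOYEE", "carol")   # second path, without grant option
    try:
        auth.revoke("alice", "SELECT", "EMPLOYEE", "bob")   # RESTRICT: carol and dave depend on it
        restrict_refused = False
    except PermissionError:
        restrict_refused = True
    dropped = auth.revoke("alice", "SELECT", "EMPLOYEE", "bob", cascade=True)
    return {
        "restrict_refused": restrict_refused,
        "dropped": [(g.grantor, g.grantee) for g in dropped],
        "carol_holds": auth.holds("carol", "SELECT", "EMPLOYEE"),          # via alice's direct grant
        "carol_can_grant": auth.can_grant("carol", "SELECT", "EMPLOYEE"),  # option came only via bob
        "dave_holds": auth.holds("dave", "SELECT", "EMPLOYEE"),
    }


if __name__ == "__main__":
    print(demo())
```

In the scenario, revoking bob's privilege with RESTRICT is refused because carol's grant option and dave's privilege rest on it; with CASCADE, those two grants fall as well, while carol keeps the SELECT she received directly from alice (without the grant option).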
STORED PROCEDURES
Assign rights to execute compiled programs: GRANT RUN ON <program> TO <user> (in SQL DBMSs the privilege is usually named EXECUTE).
Problem: programs may access resources for which the user who runs the program does not have permission. A procedure that runs with its definer's privileges is a deliberate way to give callers narrow, mediated access to data they may not touch directly, but every input to such a procedure must be validated, because any flaw in it is exploitable with the definer's privileges. Most DBMSs let the author choose between definer's rights and invoker's rights when the procedure is created.
QUERY MODIFICATION
• It is not supported by the SQL standard; the DBMS or an application layer has to implement it (the row-level security policies of some modern DBMSs work this way).
• In this technique, a query submitted by a user is modified, before it is executed, to include further restrictions as determined by the user's authorization.
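Query modification as described above, as an added example that is not part of the slides: an application layer rewrites a user's SELECT by conjoining that user's authorization predicate onto the WHERE clause, then runs it on SQLite, which has no such mechanism itself. The EMPLOYEE rows, the users joe and dba and their predicates are constructed; a real DBMS would rewrite the parsed query tree rather than the statement text, so this version handles only single-table SELECT statements and refuses anything else.

```python
import re
import sqlite3

# Authorization predicate per (user, relation), constructed for the demo.
# None means the user is unrestricted on that relation; a missing key means no access.
RESTRICTIONS = {
    ("joe", "EMPLOYEE"): "DEPT = 'Toy'",
    ("dba", "EMPLOYEE"): None,
}

# Only this query shape is rewritten: one SELECT over one named relation.
_SHAPE = re.compile(r"^\s*SELECT\s+(?P<cols>.+?)\s+FROM\s+(?P<table>\w+)(?P<rest>.*)$",
                    re.IGNORECASE | re.DOTALL)
_WHERE = re.compile(r"\bWHERE\b", re.IGNORECASE)
_TAIL = re.compile(r"\b(GROUP\s+BY|ORDER\s+BY|LIMIT)\b", re.IGNORECASE)


def modify_query(sql, user):
    """Return the user's query with their authorization predicate conjoined to
    the WHERE clause. The original condition is parenthesized first: without
    that, `A OR B AND pred` would let rows matching A escape the restriction."""
    m = _SHAPE.match(sql)
    if not m or ";" in sql or "--" in sql or len(re.findall(r"\bSELECT\b", sql, re.I)) != 1:
        raise ValueError("only single-table SELECT statements are rewritten")
    table = m.group("table").upper()
    if (user, table) not in RESTRICTIONS:
        raise PermissionError(f"{user} has no authorization on {table}")
    pred = RESTRICTIONS[(user, table)]
    if pred is None:
        return sql
    head, rest = sql[:m.start("rest")], m.group("rest")
    w = _WHERE.search(rest)
    if w:
        body = rest[w.end():]
        t = _TAIL.search(body)
        cond = (body[:t.start()] if t else body).strip()
        tail = body[t.start():].strip() if t else ""
        out = f"{head} WHERE ({cond}) AND ({pred})"
    else:
        t = _TAIL.search(rest)
        tail = rest[t.start():].strip() if t else ""
        out = f"{head} WHERE ({pred})"
    return f"{out} {tail}" if tail else out


def make_db():
    """In-memory EMPLOYEE relation with constructed rows."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE EMPLOYEE (NAME TEXT PRIMARY KEY, DEPT TEXT NOT NULL, SALARY INTEGER NOT NULL);
        INSERT INTO EMPLOYEE VALUES ('Smith', 'Toy', 10000), ('Jones', 'Candy', 20000),
                                    ('Adams', 'Toy', 12000), ('Brown', 'Toy', 9000);
    """)
    return con


def run_as(user, sql):
    """Execute the query as the given user is authorized to see it."""
    return make_db().execute(modify_query(sql, user)).fetchall()


if __name__ == "__main__":
    q = "SELECT NAME FROM EMPLOYEE WHERE SALARY > 9500 OR DEPT = 'Candy' ORDER BY NAME"
    print(modify_query(q, "joe"))
    print(run_as("joe", q))   # Toy Department only: Adams, Smith
    print(run_as("dba", q))   # unrestricted: Adams, Jones, Smith
```

The parenthesization is the security-relevant detail: joe's query contains an OR, and appending `AND DEPT = 'Toy'` without parentheses would bind only to the second disjunct and leak the Candy Department row. Refusing statements the rewriter does not understand, rather than passing them through, is the other fail-closed choice here.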