database security
play

Database Security CS 645 Apr 10, 2008 Gerome Miklau, UMass Amherst - PowerPoint PPT Presentation

Mar 03, 2023 •968 likes •1.39k views

Database Security CS 645 Apr 10, 2008 Gerome Miklau, UMass Amherst Outline Security basics Access control in Databases Privacy foundations Beyond access control Security properties Confidentiality Authenticity

  1. Database Security CS 645 Apr 10, 2008 Gerome Miklau, UMass Amherst

  2. Outline • Security basics • Access control in Databases • Privacy foundations • Beyond access control

  3. Security properties • Confidentiality • Authenticity • Availability • Privacy

  4. Confidentiality A guarantee that data has not been disclosed to an unauthorized party. • Threats to confidentiality • direct release, approximate disclosure, leaks from inference & outside knowledge • Providing confidentiality • access controls, inference controls, encryption

  5. Authenticity Also called: data integrity A guarantee that data has not been modified from its original state by an unauthorized party. • Aspects of authenticity: • data comes from original source • not modified • freshness: current, not re-used • Threats to authenticity: • forging, tampering, replay • Providing authenticity • access control, digital signatures, hashing

  6. Confidentiality or Authenticity ? • Which security properties matter for: • Student grades for this course stored in database. • Resume or CV posted on webpage. • Medical records stored in database.

  7. Availability A guarantee that data is available when needed. • Threats to availability: denial of service • Providing availability: conventional concern of databases

  8. Privacy Informational Privacy The ability to determine for ourselves when, how, and to what extent information about us is communicated to others. - Westin • Requires both data confidentiality & authenticity

  9. • Security basics • Access control in Databases • Privacy foundations • Beyond access control

  10. Access control • Regulates direct access to resources • Subjects (i.e. registered users) • Objects (files, directories, tables) • Privileges (read, write, insert, delete, etc.) • Discretionary access control • Users can grant access at their discretion. • Mandatory access control • All subjects and objects classified by an authority and global rules determine privileges.

  11. SQL Security • Core security features present in nearly all database systems: • User authentication • Discretionary access control: • Subjects (database users) • Privileges (select, insert, delete, update) • Objects (tables, columns, views ) • In SQL: GRANT / REVOKE System R authorization model [Griffith and Wade ʼ 76], [Fagin ʼ 78]

  12. Database system security Server Client Parser Query SQL query/update engine Access Control Result tables tables tables DB system File system OS

  13. Discretionary AC in SQL GRANT privileges ON object TO users [WITH GRANT OPTIONS] privileges = SELECT | INSERT(column-name) | UPDATE(column-name) | DELETE | REFERENCES(column-name) object = table | view 13

  14. Examples GRANT INSERT, DELETE ON Customers TO Yuppy WITH GRANT OPTIONS Queries allowed to INSERT INTO Customers(cid, name, address) Yuppy: VALUES(32940, ‘Joe Blow’, ‘Seattle’) DELETE Customers WHERE LastPurchaseDate < 1995 Queries denied to SELECT Customer.address Yuppy: FROM Customer WHERE name = ‘Joe Blow’ 14

  15. Examples GRANT SELECT ON Customers TO Michael Now Michael can SELECT, but not INSERT or DELETE 15

  16. Examples GRANT SELECT ON Customers TO Michael WITH GRANT OPTIONS Michael can say this: GRANT SELECT ON Customers TO Yuppi Now Yuppi can SELECT on Customers 16

  17. Examples GRANT UPDATE (price) ON Product TO Leah Leah can update, but only Product.price, but not Product.name 17

  18. Examples Customer(cid, name, address, balance) Orders(oid, cid, amount) cid= foreign key Bill has INSERT/UPDATE rights to Orders. BUT HE CAN’T INSERT ! (why ?) GRANT REFERENCES (cid) ON Customer TO Bill Now Bill can INSERT tuples into Orders 18

  19. Views and Security David owns Fred is not Customers: allowed to see this Name Address Balance Mary Huston 450.99 Sue Seattle -240 Joan Seattle 333.25 Ann Portland -520 David says CREATE VIEW PublicCustomers SELECT Name, Address FROM Customers; GRANT SELECT ON PublicCustomers TO Fred 19

  20. Views and Security David owns John is Customers: allowed to Name Address Balance see only <0 balances Mary Huston 450.99 Sue Seattle -240 Joan Seattle 333.25 David says Ann Portland -520 CREATE VIEW BadCreditCustomers SELECT * FROM Customers WHERE Balance < 0; GRANT SELECT ON BadCreditCustomers TO John 20

  21. David says Views and Security • Each customer should see only her/his record Name Address Balance CREATE VIEW CustomerMary Mary Huston 450.99 SELECT * FROM Customers Sue Seattle -240 WHERE name = ‘Mary’ Joan Seattle 333.25 GRANT SELECT ON CustomerMary TO Mary Ann Portland -520 CREATE VIEW CustomerSue SELECT * FROM Customers Doesn’t scale. WHERE name = ‘Sue’ Need row-level access GRANT SELECT ON CustomerSue TO Sue control ! . . . 21

  22. Revocation REVOKE [GRANT OPTION FOR] privileges ON object FROM users { RESTRICT | CASCADE } Administrator says: REVOKE SELECT ON Customers FROM David CASCADE John loses SELECT privileges on BadCreditCustomers 22

  23. Revocation 1. Joe: GRANT [….] TO Art … Same privilege, 2. Art: GRANT [….] TO Bob … same object, 3. Bob: GRANT [….] TO Art … GRANT OPTION 4. Joe: GRANT [….] TO Cal … 5. Cal: GRANT [….] TO Bob … Joe: REVOKE [….] FROM Art CASCADE What happens ?? Revoked Admin 0 Everyone keeps the privilege: 1 REVOKE removes privileges to all users Joe Art who hold the privilege SOLELY through a grant command executed by the 4 3 2 revoking user. Cal Bob 5

  24. Summary of SQL Security Limitations: • No row level access control • Table creator owns the data Access control = great success story of the DB community... … or spectacular failure: • Only 30% assign privileges to users/roles – And then to protect entire tables, not columns 24

  25. • Security basics • Access control in Databases • Privacy foundations • Beyond access control

  26. Next • Security basics • Access control in Databases • Privacy foundations • Beyond access control

  27. Computers and privacy Virtually every department of government and law enforcement agency, every credit bureau, insurance company, big business, every important educational establishment, ... is using computer technology to gather personal information on as many people as they can. Excerpted from Miller: The Assault on Privacy published in 1971 27

  28. Roots of privacy • Historical roots in the bible, Aristotle, ancient chinese culture • Recognized as a fundamental human right . • Nearly every country mentions right to privacy explicitly in constitution. Except US, Ireland, India 28

  29. Definitions of privacy

  30. Definitions of privacy • Gavison, 1980: – protection from being brought to the attention of others – Privacy is a complex of concepts concerned with the accessibility others have to us. One has perfect privacy when one is completely inaccessible to others. • Privacy can be gained through: – secrecy - when no one has information about us – anonymity - when no one pays attention to us – solitude - when no one has physical access to us 30

  31. Informational privacy • Westin, 1967: – the ability to determine for ourselves when, how, and to what extent information about us is communicated to others. • Hughes, 1993: – the power to selectively reveal oneself to the world. 31

  32. Privacy, For and Against • A fundamental human right • Aspect of personal freedom, liberty • Requirement for democracy • Prerequisite to developing sense of self. 32

  33. Privacy, For and Against • Surveillance has benefits • Accountability requires sacrificing privacy • Posner (1981) - Economic critique • MacKinnon (1989) - Feminist critique • Brin (1999) Increased flow of information can benefit all, if access is free and equal. 33

  34. Attitudes • Westin’s categories, through surveys – Privacy fundamentalist (25%) • Feel they’ve lost privacy, resistant to further erosion – Privacy pragmatist (55%) • Concerned about privacy, but willing to share info given choice and notice – Privacy unconcerned (20%) Jennicam, 1996

  35. Behavior != Attitude • Behavior is not always consistent with stated attitudes – economic model of behavior - rational economic agents protecting or divulging their personal info – price of privacy • Individuals are not rational actors Acquisti/Grossklags 2005 35

  36. Strong privacy advocates Privacy can be achieved by limiting information flow • Technologists - crypto, electronic anonymity, fighting surveillance technology. • “European model” - rules and regulations to govern data operations. • Pragmatics - practical advice on how to protect oneself. 36

  37. Transparency Increasing flow of info may help all parties Brin • Data collection and surveillance is probably inevitable, and provides accountability • Rather than fight against “watching”, make sure everyone can “watch the watcher”. 37

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

This Lecture General Database Security Privileges Database Security Granting

This Lecture General Database Security Privileges Database Security Granting

This Lecture General Database Security Privileges Database Security Granting Revoking Views Database Systems SQL Insertion Attacks Michael Pound Further Reading The Manga Guide to Databases, Chapter 5 Database

285 views • 7 slides
Database Security Enforced Database security - only authorized users can perform authorized

Database Security Enforced Database security - only authorized users can perform authorized

IT360: Applied Database Systems Database Security Kroenke: Ch 9, pg 309-314 PHP and MySQL: Ch 9, pg 217-227 1 Rights Database Security Enforced Database security - only authorized users can perform authorized activities Responsibilities

317 views • 9 slides
Overview Database Security Semantic Integrity Controls Access Control Rules Multilevel

Overview Database Security Semantic Integrity Controls Access Control Rules Multilevel

Overview Database Security Semantic Integrity Controls Access Control Rules Multilevel Secure Databases RBAC in Commercial DBMS Statistical Database Security Simone Fischer-Hbner Applied Security, DAVC17 Relational Database

194 views • 6 slides
DATABASE SECURITY CS4750 Database Systems Prof. Nada Basit Email: basit@virginia.edu Fall

DATABASE SECURITY CS4750 Database Systems Prof. Nada Basit Email: basit@virginia.edu Fall

DATABASE SECURITY CS4750 Database Systems Prof. Nada Basit Email: basit@virginia.edu Fall 2020 University of Virginia 1 Levels of DB Security There are 6 levels that impact database security Database Level database users and

591 views • 21 slides
DATABASE SECURITY CS4750 Database Systems Prof. Nada Basit Email: basit@virginia.edu Fall

DATABASE SECURITY CS4750 Database Systems Prof. Nada Basit Email: basit@virginia.edu Fall

DATABASE SECURITY CS4750 Database Systems Prof. Nada Basit Email: basit@virginia.edu Fall 2020 University of Virginia 1 Levels of DB Security There are 6 levels that impact database security Database Level database users and

380 views • 18 slides
Course Content Database Management Systems Introduction Database Design Theory

Course Content Database Management Systems Introduction Database Design Theory

Course Content Database Management Systems Introduction Database Design Theory Query Processing and Optimisation Winter 2003 Concurrency Control Data Base Recovery and Security CMPUT 391: Database Recovery and Security

274 views • 12 slides
Session 8 Database, Cloud and IoT Security Sbastien Combfis Fall 2019 This work is

Session 8 Database, Cloud and IoT Security Sbastien Combfis Fall 2019 This work is

I5020 Computer Security Session 8 Database, Cloud and IoT Security Sbastien Combfis Fall 2019 This work is licensed under a Creative Commons Attribution NonCommercial NoDerivatives 4.0 International License. Database Security

384 views • 24 slides
Database Security CS461/ECE422 Spring 2012 Overview Database

Database Security CS461/ECE422 Spring 2012 Overview Database

Database Security CS461/ECE422 Spring 2012 Overview Database model RelaAonal Databases Access Control Inference and StaAsAcal Databases Database

548 views • 27 slides
Security Control Methods for Statistical Database Li Xiong CS573 Data Privacy and Security

Security Control Methods for Statistical Database Li Xiong CS573 Data Privacy and Security

Security Control Methods for Statistical Database Li Xiong CS573 Data Privacy and Security Statistical Database A statistical database is a database which provides statistics on subsets of records OLAP vs. OLTP Statistics may be

397 views • 37 slides
NEBC Database Course 2008 Database Users And Security Backing-Up Data Tim Booth :

NEBC Database Course 2008 Database Users And Security Backing-Up Data Tim Booth :

NEBC Database Course 2008 Database Users And Security Backing-Up Data Tim Booth : tbooth@ceh.ac.uk Overview Areas covered: Controlling who can connect Table-level privileges Defining user groups Remote connections to

557 views • 17 slides
Database-enabled web technology Security Instructor: C a gr C oltekin

Database-enabled web technology Security Instructor: C a gr C oltekin

Database-enabled web technology Security Instructor: C a gr C oltekin c.coltekin@rug.nl Information science/Informatiekunde Fall 2011/12 Security in Web applications Web, Databases &amp; Security http://xkcd.com/327/ C . C

952 views • 47 slides
CS419 Spring 2010 Computer Security Vinod Ganapathy Lecture 15 Chapter 5: Database security

CS419 Spring 2010 Computer Security Vinod Ganapathy Lecture 15 Chapter 5: Database security

CS419 Spring 2010 Computer Security Vinod Ganapathy Lecture 15 Chapter 5: Database security Database Security Relational Databases constructed from tables of data each column holds a particular type of data each row contains a

935 views • 24 slides
EGTDC Database Course 2004 Database Users And Security Backing-Up Data Tim Booth :

EGTDC Database Course 2004 Database Users And Security Backing-Up Data Tim Booth :

EGTDC Database Course 2004 Database Users And Security Backing-Up Data Tim Booth : tbooth@ceh.ac.uk Environmental Genomics Thematic Programme Data Centre http://envgen.nox.ac.uk Overview Areas covered: Controlling who can connect

344 views • 16 slides
TDDD17 Informatjon Security Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se

TDDD17 Informatjon Security Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se

TDDD17 Informatjon Security Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se Acknowledgement: Many of the slides in this slide set are adaptations from slides made available for the database textbook by Elmasri and Navathe. Before

572 views • 24 slides
Database Security Catalin Bidian University of Toronto November 10, 2010 November 10, 2010

Database Security Catalin Bidian University of Toronto November 10, 2010 November 10, 2010

CCT395, Week 10 Database Security Catalin Bidian University of Toronto November 10, 2010 November 10, 2010 CCT395F 1 Database Security Main Objectives 1. Confidentiality (aka Secrecy): a. Data must be kept private b. Information

460 views • 45 slides
TDDD17 Informatjon Security (VT 2020) Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se

TDDD17 Informatjon Security (VT 2020) Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se

TDDD17 Informatjon Security (VT 2020) Topic: Database Security Olaf Hartjg olaf.hartjg@liu.se Acknowledgement: Several of the slides in this slide set are adaptations from slides made available for the database textbook by Elmasri and

555 views • 27 slides
File System Project Seminar On-Disk Layout Prof. Andreas Polze Andreas Grapentin, Sven Khler

File System Project Seminar On-Disk Layout Prof. Andreas Polze Andreas Grapentin, Sven Khler

File System Project Seminar On-Disk Layout Prof. Andreas Polze Andreas Grapentin, Sven Khler Max Plauth, Jossekin Beilharz, Felix Eberhardt Hasso Plattner Institute File System Seminar Overview program open readdir today Virtual File

522 views • 30 slides
The PanPipe Workflow Manager Daniel Ortiz Genome Data Science Group Institute for Research in

The PanPipe Workflow Manager Daniel Ortiz Genome Data Science Group Institute for Research in

The PanPipe Workflow Manager Daniel Ortiz Genome Data Science Group Institute for Research in Biomedicine Table of Contents 1. Introduction 2. Package Overview 3. Main Tools and File Formats 4. Toy Pipeline Example Introduction

642 views • 33 slides
Chapter 18 Parallel Processing Multiple Processor Organization Single instruction, single

Chapter 18 Parallel Processing Multiple Processor Organization Single instruction, single

Chapter 18 Parallel Processing Multiple Processor Organization Single instruction, single data stream - SISD Single instruction, multiple data stream - SIMD Multiple instruction, single data stream - MISD Multiple instruction,

625 views • 62 slides
Slide 1 ___________________________________ 2.1 Ge ne r al Cost Classific ations o Costs are an

Slide 1 ___________________________________ 2.1 Ge ne r al Cost Classific ations o Costs are an

Slide 1 ___________________________________ 2.1 Ge ne r al Cost Classific ations o Costs are an unavoidable busine ss ___________________________________ tr uth o How c osts are c lassified de pe nds on ___________________________________

716 views • 4 slides
Automatic Search Engine Evaluation Automatic Search Engine Evaluation with Click- -through Data

Automatic Search Engine Evaluation Automatic Search Engine Evaluation with Click- -through Data

Automatic Search Engine Evaluation Automatic Search Engine Evaluation with Click- -through Data Analysis through Data Analysis with Click Yiqun Liu Liu Yiqun State Key Lab of Intelligent Tech. &amp; Sys State Key Lab of Intelligent Tech.

708 views • 22 slides
Trusts: 2019-2020 Planning Roadmap Part 1 Planning before the 2020 Election; State Income

Trusts: 2019-2020 Planning Roadmap Part 1 Planning before the 2020 Election; State Income

10/11/2019 Trusts: 2019-2020 Planning Roadmap Part 1 Planning before the 2020 Election; State Income Taxation of Trusts; Aging and Longevity 1 1 Trusts: 2019-2020 Planning Roadmap Part 1 Planning before the 2020 Election; State Income

554 views • 23 slides
QPAT Pension Workshop Names You Should Know Retraite Qubec merged administrative body

QPAT Pension Workshop Names You Should Know Retraite Qubec merged administrative body

QPAT Pension Workshop Names You Should Know Retraite Qubec merged administrative body that replaces CARRA and Quebec Pension Plan (QPP) administrative branch RREGOP Rgime de retraite des employs du gouvernement et des

772 views • 53 slides
RIIO-2 Draft Determination National Grid response London, 7 September 2020 National Grid plc

RIIO-2 Draft Determination National Grid response London, 7 September 2020 National Grid plc

RIIO-2 Draft Determination National Grid response London, 7 September 2020 National Grid plc RIIO-2 Response September 2020 1 Cautionary statement This presentation contains certain statements that are neither reported financial results nor

178 views • 14 slides

More recommend