Overview of Database Security w Introduction w Security
Overview of Database Security w. Introduction w. Security Problems w. Security Controls w. Designing Database Security
Outline Causes of database security problem Complexity of the design and implementation of a secure database system Three main aspects in database security Introduction
Causes of Database Security Problem Widespread use of centralized and distributed databases Advanced simplification of human and machine interface Different types of users Intrusion, theft and unauthorized disclosure Introduction
Complexity of Design and Implementation Heterogeneity of system users Granularity and territorial extension (national and international levels) of information systems Uncontrollable and unpredictable consequences of loss of information Difficulties in modeling, specification and verification Introduction
Three Main Aspects Secrecy Integrity Availability Introduction
Secrecy Ensuring secrecy means preventing, detecting, deterring the improper disclosure of the database information in different environments. For examples, n n The target coordinates of a missile should not be improperly disclosed. The employees should not see the salaries of their managers. Introduction
Integrity Ensuring integrity means preventing, detecting and deterring the improper modification of a database For examples, n n The target coordinates of a missile should not be improperly modified. An employee should be able to modify his or her own information. Introduction
Availability Ensuring system availability means preventing, detecting and deterring improper denial of accesses to services provided by a database system. For examples, n n The missile should be fired, when the proper command is issued. Payment orders regarding taxes should be made on time by the tax law. Introduction
Remark In many environments, such as public institutions, security and integrity are often needed in combination. For example, n In hospital, airline companies or credit institutions, both secrecy and integrity are required. Introduction
- Slides: 9