tailieunhanh - Database System: Chapter 11 - Database Security An Introduction

Database System: Chapter 11 - Database Security An Introduction presents about Introduction to Database Security Issues (DB security is a broad area, Threats to databases, Fundamental data security requirements), Discretionary Access Control, Mandatory Access Control. | Chapter 11 Database Security: An Introduction Copyright © 2004 Pearson Education, Inc. 5/14/2020 4:10:16 AM Outline Introduction to Database Security Issues Discretionary Access Control Mandatory Access Control Slide 11 - Introduction DB security is a broad area, addressing: Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels Slide 11 - System-related issues: hardware level, os level, DBMS level The need to identify multiple security levels: classification (pha^ng ) Introduction Threats to databases Loss of integrity Loss of confidentiality Loss of availability Repudation Slide 11 - Fundamental data security requirements Introduction Slide 11 - Fundamental data security requirements Introduction Protection of data from unauthorized disclosure Slide 11 - Fundamental data security requirements Introduction Only authorized users should be allowed to modify data. Slide 11 - Fundamental data | Chapter 11 Database Security: An Introduction Copyright © 2004 Pearson Education, Inc. 5/14/2020 5:23:42 AM Outline Introduction to Database Security Issues Discretionary Access Control Mandatory Access Control Slide 11 - Introduction DB security is a broad area, addressing: Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels Slide 11 - System-related issues: hardware level, os level, DBMS level The need to identify multiple security levels: classification (pha^ng ) Introduction Threats to databases Loss of integrity Loss of confidentiality Loss of availability Repudation Slide 11 - Fundamental data security requirements Introduction Slide 11 - Fundamental data security requirements Introduction Protection of data from unauthorized disclosure Slide 11 - Fundamental data security requirements Introduction Only authorized users should be allowed to modify data. Slide 11 - Fundamental data security requirements Introduction Making data available to the authorized users & application programs Slide 11 - Fundamental data security requirements Introduction The ability to prevent the effective denial of an act. Slide 11 - Countermeasures To protect databases against these types of threats four kinds of countermeasures can be implemented: Access control Inference control Flow control Encryption Slide 11 - Access control The security mechanism of a DBMS for restricting access to the database as a whole Handled by creating user accounts and passwords to control login process by the DBMS. Two types of database security mechanisms: Discretionary security mechanisms (DAC) Mandatory security mechanisms (MAC) Slide 11 - A DBMS typically includes a database security and authorization subsystem that is responsible for ensuring the security portions of a database against unauthorized access. Inference control The security problem associated with databases is that .