Security - PowerPoint PPT Presentation
Slides: 49
Provided by: thomas863
Transcript and Presenter's Notes

1
Chapter 18
  • Security
  • Transparencies

2
Chapter 18 - Objectives
  • Scope of database security.
  • Why database security is a serious concern for an
    organization.
  • Type of threats that can affect a database
    system.
  • How to protect a computer system using
    computer-based controls.
  • Security measures provided by Microsoft Access
    and Oracle DBMSs.
  • Approaches for securing a DBMS on the Web.

3
Database Security
  • Data is a valuable resource that must be strictly
    controlled and managed, as with any corporate
    resource.
  • Part or all of the corporate data may have
    strategic importance and therefore needs to be
    kept secure and confidential.

4
Database Security
  • Mechanisms that protect the database against
    intentional or accidental threats.
  • Security considerations do not only apply to the
    data held in a database. Breaches of security may
    affect other parts of the system, which may in
    turn affect the database.

5
Database Security
  • Involves measures to avoid
  • Theft and fraud
  • Loss of confidentiality (secrecy)
  • Loss of privacy
  • Loss of integrity
  • Loss of availability

6
Database Security
  • Threat
  • Any situation or event, whether intentional or
    unintentional, that will adversely affect a
    system and consequently an organization.

7
Summary of Threats to Computer Systems
8
Typical Multi-User Computer Environment
9
Countermeasures Computer-Based Controls
  • Range from physical controls to administrative
    procedures and include
  • Authorization
  • Views
  • Backup and recovery
  • Integrity
  • Encryption
  • RAID technology

10
Countermeasures Computer-Based Controls
  • Authorization
  • The granting of a right or privilege, which
    enables a subject to legitimately have access to
    a system or a system's object.
  • Authentication
  • A mechanism that determines whether a user is who
    he or she claims to be.

11
Countermeasures Computer-Based Controls
  • View
  • Dynamic result of one or more relational
    operations operating on the base relations to
    produce another relation.
  • A virtual relation that does not actually exist
    in the database, but is produced upon request by
    a particular user, at the time of request.
  • As a security mechanism, granting a user access
    to a view rather than to the base relations hides
    the columns and rows the view does not expose.

12
Countermeasures Computer-Based Controls
  • Backup
  • Process of periodically taking a copy of the
    database and log file (and possibly programs) to
    offline storage media.
  • Journaling
  • Process of keeping and maintaining a log file (or
    journal) of all changes made to database to
    enable effective recovery in event of failure.

13
Countermeasures Computer-Based Controls
  • Integrity
  • Prevents data from becoming invalid, and hence
    giving misleading or incorrect results.
  • Encryption
  • The encoding of the data by a special algorithm
    that renders the data unreadable by any program
    without the decryption key.

14
RAID (Redundant Array of Independent Disks)
Technology
  • Hardware that the DBMS is running on must be
    fault-tolerant, meaning that the DBMS should
    continue to operate even if one of the hardware
    components fails.
  • Suggests having redundant components that can be
    seamlessly integrated into the working system
    whenever there is one or more component failures.

15
RAID Technology
  • Main hardware components that should be
    fault-tolerant include disk drives, disk
    controllers, CPU, power supplies, cooling fans.
  • Disk drives are the most vulnerable components,
    with the shortest mean time between failures of
    any of the hardware components.

16
RAID Technology
  • One solution is to provide a large disk array
    comprising an arrangement of several independent
    disks organized to improve reliability and
    increase performance.

17
RAID Technology
  • Performance is increased through data striping:
    the data is segmented into equal-size partitions
    (the striping unit), which are transparently
    distributed across multiple disks.
  • Reliability is improved through storing redundant
    information across the disks using a parity
    scheme or an error-correcting scheme. Single
    parity (as in RAID 5) survives the loss of one
    disk per array; a second simultaneous failure
    loses data.
  • RAID protects availability against disk failure
    only. Deletions, corruption and malicious writes
    are faithfully copied to every disk, so RAID
    complements backup rather than replacing it.
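
The striping and parity described on this slide, as an added example that is not from the slides or the textbook: the Go program below stripes a constructed sample record over three data disks plus one XOR parity disk (the RAID 4 layout; RAID 5 rotates the parity position but uses the same arithmetic), rebuilds a lost disk from the survivors, and shows that a second simultaneous loss cannot be recovered from single parity. The function names and the sample record are the example's own.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
)

// Stripe splits data into stripeUnit-sized chunks, distributes them
// round-robin across nData disks (zero-padding the last stripe) and computes
// one XOR parity disk, returned as disks[nData].
func Stripe(data []byte, nData, stripeUnit int) [][]byte {
	stripeBytes := nData * stripeUnit
	nStripes := (len(data) + stripeBytes - 1) / stripeBytes
	disks := make([][]byte, nData+1)
	for i := range disks {
		disks[i] = make([]byte, nStripes*stripeUnit)
	}
	for s := 0; s < nStripes; s++ {
		for d := 0; d < nData; d++ {
			off := s*stripeBytes + d*stripeUnit
			if off >= len(data) {
				continue
			}
			end := off + stripeUnit
			if end > len(data) {
				end = len(data)
			}
			copy(disks[d][s*stripeUnit:], data[off:end])
		}
	}
	// Parity byte i is the XOR of byte i on every data disk, so any single
	// missing byte can be recovered by XORing the remaining ones.
	for i := range disks[nData] {
		var p byte
		for d := 0; d < nData; d++ {
			p ^= disks[d][i]
		}
		disks[nData][i] = p
	}
	return disks
}

// Reconstruct rebuilds one failed disk (marked nil) from the survivors.
// Single parity tolerates exactly one failure; two nil disks is an error.
func Reconstruct(disks [][]byte) error {
	failed := -1
	for i, d := range disks {
		if d == nil {
			if failed != -1 {
				return errors.New("two disks lost: single parity cannot recover")
			}
			failed = i
		}
	}
	if failed == -1 {
		return nil
	}
	size := 0
	for _, d := range disks {
		if d != nil {
			size = len(d)
			break
		}
	}
	rebuilt := make([]byte, size)
	for i := range rebuilt {
		for j, d := range disks {
			if j != failed {
				rebuilt[i] ^= d[i]
			}
		}
	}
	disks[failed] = rebuilt
	return nil
}

// Read reassembles the first n bytes of the original data from the data disks.
func Read(disks [][]byte, nData, stripeUnit, n int) []byte {
	var buf bytes.Buffer
	nStripes := len(disks[0]) / stripeUnit
	for s := 0; s < nStripes; s++ {
		for d := 0; d < nData; d++ {
			buf.Write(disks[d][s*stripeUnit : (s+1)*stripeUnit])
		}
	}
	return buf.Bytes()[:n]
}

// Scenario: a constructed sample record (DreamHome-style staff rows) is
// striped over three data disks plus parity; disk 1 is lost and rebuilt,
// then two disks are lost at once.
func Scenario() (recoveredOneDisk, recoveredTwoDisks bool) {
	data := []byte("SL21,John White,Manager,30000;SG37,Ann Beech,Assistant,12000")
	disks := Stripe(data, 3, 8)
	disks[1] = nil
	recoveredOneDisk = Reconstruct(disks) == nil && bytes.Equal(Read(disks, 3, 8, len(data)), data)
	disks[0], disks[2] = nil, nil
	recoveredTwoDisks = Reconstruct(disks) == nil
	return
}

func main() {
	one, two := Scenario()
	fmt.Printf("single failure recovered: %v, double failure recovered: %v\n", one, two)
}
```

Because a write is applied to a data disk and its parity, a bad write (or a deleted row) is just as redundantly stored as a good one; that is the reason the slide's parity scheme is an availability control, not an integrity or recovery control.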

18
Security in Microsoft Access DBMS
  • Provides two methods for securing a database
  • setting a password for opening a database (system
    security)
  • user-level security, which can be used to limit
    the parts of the database that a user can read or
    update (data security).
  • Both are features of the database file itself
    rather than controls enforced by a server, so
    anyone who obtains a copy of the file can attack
    them offline. User-level security applies only to
    the older .mdb format; Access 2007 and later do
    not support it for .accdb databases.

19
Securing the DreamHome Database Using a Password
20
User and Group Accounts Dialog Box for the
DreamHome Database
21
User and Group Permissions Dialog Box
22
Creation of a New User with Password
Authentication Set
23
Log on Dialog Box
24
Setting the Permissions
25
DBMSs and Web Security
  • Internet communication relies on TCP/IP as the
    underlying protocol.
  • However, TCP/IP and HTTP were not designed with
    security in mind. Without additional protection
    (today, TLS), all Internet traffic travels in the
    clear and anyone who can observe the traffic can
    read it.

26
DBMSs and Web Security
  • Must ensure while transmitting information over
    the Internet that
  • inaccessible to anyone but sender and receiver
    (privacy)
  • not changed during transmission (integrity)
  • receiver can be sure it came from sender
    (authenticity)
  • sender can be sure receiver is genuine
    (non-fabrication)
  • sender cannot deny he or she sent it
    (non-repudiation).
  • Must also protect information once it has reached
    Web server.

27
DBMSs and Web Security
  • Downloaded content may be executable, and such
    content can perform the following malicious
    actions
  • Corrupt data or execution state of programs.
  • Reformat complete disks.
  • Perform a total system shutdown.
  • Collect and download confidential data.
  • Usurp identity and impersonate user.
  • Lock up resources.
  • Cause non-fatal but unwelcome effects.

28
DBMSs and Web Security
  • Measures include
  • Proxy servers
  • Firewalls
  • Message digest algorithms and digital signatures
  • Digital certificates
  • Kerberos
  • Secure sockets layer (SSL) and Secure HTTP
    (S-HTTP)
  • Secure Electronic Transactions (SET) and Secure
    Transaction Technology (SST)
  • Java security
  • ActiveX security.

29
Proxy Servers
  • Proxy server is computer that sits between
    browser and Web server.
  • It intercepts all requests to Web server to try
    to fulfil requests itself.
  • Has two main purposes
  • improve performance
  • filter requests.

30
Firewalls
  • Designed to prevent unauthorized access to/from a
    private network.
  • Can be implemented in both hardware and software,
    or a combination of both.
  • Several types of firewall techniques
  • Packet filter.
  • Application gateway.
  • Circuit-level gateway.
  • Proxy server.

31
Message Digest Algorithms
  • Message digest algorithm takes an arbitrary-sized
    string (message) and generates fixed-length
    string (digest or hash).
  • A digest has following characteristics
  • Should be computationally infeasible to find
    another message that will generate same digest
    (second-preimage and collision resistance).
  • Digest does not reveal anything about message;
    in particular it should be infeasible to recover
    a message from its digest (preimage resistance).
  • MD5 and SHA-1, common when these slides were
    written, no longer provide collision resistance;
    use SHA-256 or SHA-3.

32
Digital Signatures
  • Digital signature is a string of bits computed
    from the data being signed (in practice, from its
    digest) using the private key of the individual
    or organization signing it.
  • Can be used to verify data comes from this
    individual or organization, using only the
    corresponding public key.

33
Digital Signatures
  • Digital signature has many useful properties
  • Authenticity can be verified, using public key.
  • Cannot be forged (assuming private key is kept
    secret).
  • Function of data signed and cannot be claimed to
    be signature for any other data.
  • Signed data cannot be changed or signature will
    no longer verify data as being authentic.
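
The digest properties of slide 31 and the signature properties of slides 32 and 33, as one added example that is not from the slides or the textbook: SHA-256 digests and an Ed25519 signature from Go's standard library, with a constructed payment instruction as the signed data. The key pair is generated at run time, and names such as Scenario are the example's own.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Digest returns the SHA-256 digest of msg as hex. The output is always 32
// bytes (64 hex characters) however long the input is.
func Digest(msg []byte) string {
	sum := sha256.Sum256(msg)
	return hex.EncodeToString(sum[:])
}

// DiffBits counts the digest bits that differ between two messages. For a
// sound hash a one-character change flips roughly half of the 256 bits,
// which is why the digest reveals nothing useful about the message.
func DiffBits(a, b []byte) int {
	ha, hb := sha256.Sum256(a), sha256.Sum256(b)
	n := 0
	for i := range ha {
		for x := ha[i] ^ hb[i]; x != 0; x >>= 1 {
			n += int(x & 1)
		}
	}
	return n
}

// Sign hashes the document and signs the digest with the signer's private
// key. (Ed25519 also hashes internally; hashing first simply mirrors the
// model on the slides: signature = f(digest of data, private key).)
func Sign(priv ed25519.PrivateKey, doc []byte) []byte {
	d := sha256.Sum256(doc)
	return ed25519.Sign(priv, d[:])
}

// Verify checks the signature over doc using only the signer's public key.
func Verify(pub ed25519.PublicKey, doc, sig []byte) bool {
	d := sha256.Sum256(doc)
	return ed25519.Verify(pub, d[:], sig)
}

// Scenario signs a constructed payment instruction and then verifies the
// original, a copy with one digit altered, and a different instruction
// presented with the same signature.
func Scenario() (original, tampered, otherDoc bool, err error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return
	}
	doc := []byte("pay 30000 from account 1001 to account 2002")
	sig := Sign(priv, doc)
	original = Verify(pub, doc, sig)
	tampered = Verify(pub, []byte("pay 90000 from account 1001 to account 2002"), sig)
	otherDoc = Verify(pub, []byte("pay 30000 from account 1001 to account 3003"), sig)
	return
}

func main() {
	fmt.Println("sha256(\"\") =", Digest(nil))
	fmt.Println("bits changed by a one-digit edit:", DiffBits([]byte("pay 30000"), []byte("pay 90000")))
	o, t, x, err := Scenario()
	fmt.Println("original:", o, "tampered:", t, "other doc:", x, "err:", err)
}
```

The verifier never sees the private key, which is what makes the signature non-repudiable; conversely, anyone holding the private key can produce valid signatures, so the guarantee is only as strong as the key's protection.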

34
Digital Certificates
  • Attachment to electronic message used for
    security purposes (e.g. verify user sending
    message), and provide receiver with means to
    encrypt a reply.
  • Sender applies for certificate from Certificate
    Authority (CA).
  • CA issues a certificate containing the
    applicant's public key and other identification
    information, signed with the CA's private key
    (the certificate is signed, not encrypted).

35
Digital Certificates
  • CA makes its own public key readily available.
  • Recipient uses the CA's public key to verify the
    CA's signature on the certificate attached to the
    message, confirming it was issued by the CA, and
    obtains the sender's public key and
    identification information held within the
    certificate.
  • With this information, recipient can send an
    encrypted reply.
  • CA's role is critical, acting as go-between in
    relationship between two parties: the recipient's
    security is only as good as the CA's issuance
    checks and the protection of the CA's private key.

36
Kerberos
  • Network authentication protocol built on a
    trusted third party, the Key Distribution Center
    (KDC), which holds the secret keys of all users
    and services.
  • Provides one centralized security server for all
    data and resources on network.
  • Login and access to database and other services
    are authenticated by the trusted Kerberos servers,
    which issue time-limited tickets; passwords are
    never sent across the network. Authorization
    decisions remain with each service.
  • Has similar function to that of Certificate
    server to identify and validate a user, but uses
    symmetric keys shared with the KDC rather than
    public-key certificates.

37
Secure Sockets Layer (SSL)
  • Encryption protocol for transmitting private
    documents.
  • Designed to prevent eavesdropping, tampering, and
    message forgery.
  • Works by using public-key cryptography during a
    handshake to authenticate the server (via its
    certificate) and agree a secret session key; the
    data transferred over the connection is then
    encrypted with that symmetric session key.
  • Layered between application-level protocols such
    as HTTP and TCP/IP transport-level protocol.
  • Thus, may be used for other application-level
    protocols such as FTP and NNTP.
  • All versions of SSL are now deprecated; its
    successor TLS provides the same service and is
    what "SSL" means in current deployments.

38
Secure-HTTP (S-HTTP)
  • Protocol for securely transmitting individual
    messages over Web; published as experimental RFC
    2660 and never widely deployed, unlike SSL/TLS.
  • Both SSL and S-HTTP use techniques such as
    encryption, and digital signatures, and
  • allow browsers and servers to authenticate each
    other
  • allow controlled access to Web site
  • ensure data exchanged between browser and server
    is secure and reliable.

39
Secure Electronic Transactions (SET)
  • Open, interoperable standard for processing
    credit card transactions over Internet, in simple
    and secure way.
  • Transaction is split in such a way that merchant
    has access to information about
  • what is being purchased,
  • how much it costs,
  • whether payment is approved,
  • but no information on what payment method
    customer is using.

40
Secure Electronic Transactions (SET)
  • Card issuer (e.g. Visa) has access to purchase
    price, but no information on type of merchandise
    involved.
  • Certificates are heavily used by SET, both for
    certifying cardholder and for certifying that
    merchant has relationship with financial
    institution.

41
How SET Works
42
Secure Transaction Technology (SST)
  • Protocol designed to handle secure bank payments
    over Internet.
  • Uses DES encryption of information, RSA
    encryption of bankcard information, and strong
    authentication of all parties involved in
    transaction. (DES, a 56-bit cipher, has since
    been withdrawn as a standard and is breakable by
    brute force; neither SST nor SET saw lasting
    deployment.)

43
Java Security
  • Sandbox ensures untrusted application cannot gain
    access to system resources.
  • Involves three components
  • class loader
  • bytecode verifier
  • security manager.
  • Safety features provided by language and JVM, and
    enforced by compiler and runtime system.
  • Security is a policy built on top of safety layer.
  • Browser applets and the Security Manager on the
    following slides have since been retired from
    current Java releases (the browser plug-in was
    removed in Java 11, the Security Manager
    deprecated in Java 17); the class loader and
    bytecode verifier remain core to the JVM.

44
Class Loader
  • Allocates (hierarchically structured) namespace
    for each class.
  • Never allows class from less protected
    namespace to replace class from more protected
    namespace.
  • Thus, I/O primitives, defined in local Java
    class, cannot be invoked or overridden by classes
    from outside the local machine.
  • As browsers and Java applications can provide
    their own class loader, this may be viewed as
    weakness in security.

45
Bytecode Verifier
  • JVM verifies bytecode instructions before
    allowing application/applet to run.
  • Typical checks include verifying
  • Compiled code is correctly formatted.
  • Internal stacks will not overflow/underflow.
  • No illegal data conversions will occur.
  • Bytecode instructions are appropriately typed.
  • All class member accesses are valid.

46
Security Manager
  • Each Java application defines and implements its
    own security policy.
  • A Java-enabled browser contains its own Security
    Manager, and any applets it downloads are subject
    to its policies.
  • Generally, downloaded applets are prevented from
  • Reading and writing files on client's file
    system.
  • Making network connections to machines other than
    the host they were downloaded from.
  • Starting other programs on the client.

47
Security Manager
  • Loading libraries.
  • Defining native method calls.
  • These restrictions apply to applets downloaded
    over Internet/intranet.
  • They do not apply to applets on client's local
    disk in a directory on CLASSPATH.
  • Local applets are loaded by file system loader
    and can read and write files, exit JVM, and are
    not passed through bytecode verifier.

48
ActiveX Security
  • ActiveX security model places no restrictions on
    what a control can do.
  • Instead, each ActiveX control can be digitally
    signed by its author using system called
    Authenticode.
  • Digital signatures are then certified by CA.
  • This security model places responsibility for the
    computer's security on the user: a valid
    signature identifies the publisher but says
    nothing about whether the control is safe.