protection of database
-
7/31/2019 Protection of Database
1/20
CMSC 127
Database Administration and Security
Transparencies
-
Objectives
  The distinction between data administration and database administration.
  The purpose and tasks associated with data administration and database administration.
  The scope of database security.
-
Objectives
  Why database security is a serious concern for an organization.
  The type of threats that can affect a database system.
  How to protect a computer system using computer-based controls.
-
Data administration and database administration
  Data Administrator (DA) and Database Administrator (DBA) are responsible for managing and controlling activities associated with corporate data and corporate database, respectively.
  DA is more concerned with early stages of lifecycle and DBA is more concerned with later stages.
-
Data administration
Management and control of corporate data, including:
  database planning
  development and maintenance of standards, policies, and procedures
  conceptual and logical database design
-
Data administration tasks
-
Database administration
Management and control of physical realization of a database system, including:
  physical database design and implementation
  setting security and integrity controls
  monitoring system performance
  reorganizing the database
-
Database administration tasks
-
Comparison of data and database administration
-
Database security
  Mechanisms that protect the database against intentional or accidental threats.
  Applies not only to the data held in a database: breaches of security may affect other parts of the system, which may in turn affect the database.
-
Database security
  Includes hardware, software, people, and data.
  The growing importance of security stems from the increasing amounts of crucial corporate data being stored on computer.
-
Database security
Outcomes to avoid:
  theft and fraud
  loss of confidentiality (secrecy)
  loss of privacy
  loss of integrity
  loss of availability
-
Database security
Threat
  Any situation or event, whether intentional or unintentional, that may adversely affect a system and consequently the organization.
-
Examples of threats and possible outcomes
-
Summary of threats to computer systems
-
Countermeasures: computer-based controls
  authorization
  views
  backup and recovery
  integrity
  encryption
-
Countermeasures: computer-based controls
Authorization
  The granting of a right or privilege that enables a subject to have legitimate access to a database system or a database system's object.
Authentication
  A mechanism that determines whether a user is who he or she claims to be.
-
Countermeasures: computer-based controls
View
  A view is a virtual table that does not necessarily exist in the database but can be produced upon request by a particular user, at the time of request.
-
Countermeasures: computer-based controls
Backup
  Process of periodically taking a copy of the database and log file (and possibly programs) onto offline storage media.
Journaling
  Process of keeping and maintaining a log file (or journal) of all changes made to the database to enable recovery to be undertaken effectively in the event of failure.
-
Countermeasures: computer-based controls
Integrity
  Prevents data from becoming invalid, and hence giving misleading or incorrect results.
Encryption
  Encoding the data by a special algorithm that renders the data unreadable by any program without the decryption key.
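
The integrity, view and authorization controls defined on these slides, combined in one added example that is not part of the original transparencies. It assumes PostgreSQL run as the table owner; the table, view and role names are hypothetical and the rows are constructed sample data.

```sql
-- Added example (PostgreSQL dialect). staff, staff_directory and
-- branch_clerk are hypothetical names; all rows are constructed.

-- Integrity: constraints stop invalid data from entering the base table.
CREATE TABLE staff (
    staff_no    integer      PRIMARY KEY,
    full_name   text         NOT NULL,
    branch_no   text         NOT NULL,
    salary      numeric(9,2) NOT NULL CHECK (salary >= 0),
    national_id text         NOT NULL UNIQUE
);

INSERT INTO staff VALUES
    (1, 'A. Example', 'B003', 30000.00, 'ID-0001'),
    (2, 'B. Sample',  'B005', 24000.00, 'ID-0002');

-- View: a virtual table produced at request time. It exposes only the
-- non-sensitive columns, and only the rows of one branch.
CREATE VIEW staff_directory AS
    SELECT staff_no, full_name, branch_no
    FROM staff
    WHERE branch_no = 'B003';

-- Authorization: the clerk role gets a privilege on the view only.
-- PostgreSQL checks the base table against the view owner's rights,
-- so the role needs no grant on staff itself.
CREATE ROLE branch_clerk NOLOGIN;
REVOKE ALL ON staff, staff_directory FROM PUBLIC;
GRANT SELECT ON staff_directory TO branch_clerk;

-- Verify the controls from the clerk's point of view.
SET ROLE branch_clerk;
SELECT * FROM staff_directory;   -- allowed: one row, no salary or national_id
SELECT salary FROM staff;        -- rejected: no privilege on the base table
RESET ROLE;

-- Verify the integrity constraint as the owner.
INSERT INTO staff VALUES (3, 'C. Invalid', 'B003', -100.00, 'ID-0003');
-- rejected: violates the CHECK (salary >= 0) constraint

-- The view is computed on request: a new valid row in branch B003
-- appears in staff_directory without the view being rebuilt.
INSERT INTO staff VALUES (4, 'D. Newhire', 'B003', 21000.00, 'ID-0004');
SELECT count(*) FROM staff_directory;   -- now counts two rows
```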