Home | | Database Management Systems | Database Security

Chapter: Fundamentals of Database Systems : Additional Database Topics: Security and Distribution : Database Security

Database Security

This chapter discusses techniques for securing data-bases against a variety of threats.

PART 10

Additional Database Topics: Security and Distribution


Chapter 24

Database Security

 

This chapter discusses techniques for securing data-bases against a variety of threats. It also presents schemes of providing access privileges to authorized users. Some of the security threats to databases—such as SQL Injection—will be presented. At the end of the chapter we also summarize how a commercial RDBMS—specifically, the Oracle system—provides different types of security. We start in Section 24.1 with an introduction to security issues and the threats to databases, and we give an overview of the control measures that are covered in the rest of this chapter. We also comment on the relationship between data security and privacy as it applies to personal information. Section 24.2 discusses the mechanisms used to grant and revoke privileges in relational database systems and in SQL, mechanisms that are often referred to as discretionary access control. In Section 24.3, we present an overview of the mechanisms for enforcing multiple levels of security—a particular concern in database system security that is known as mandatory access control. Section 24.3 also introduces the more recently developed strategies of role-based access control, and label-based and row-based security. Section 24.3 also provides a brief discussion of XML access control. Section 24.4 discusses a major threat to databases called SQL Injection, and discusses some of the proposed preventive measures against it. Section 24.5 briefly discusses the security problem in statistical databases. Section 24.6 introduces the topic of flow control and mentions problems associated with covert channels. Section 24.7 provides a brief summary of encryption and symmetric key and asymmetric (public) key infrastructure schemes. It also discusses digital certificates. Section 24.8 introduces privacy-preserving techniques, and Section 24.9 presents the current challenges to database security. In Section 24.10, we discuss Oracle label-based security. Finally, Section 24.11 summarizes the chapter. Readers who are interested only in basic database security mechanisms will find it sufficient to cover the material in Sections 24.1 and 24.2.


Study Material, Lecturing Notes, Assignment, Reference, Wiki description explanation, brief detail
Fundamentals of Database Systems : Additional Database Topics: Security and Distribution : Database Security : Database Security |

Related Topics

Database Management Systems
Anna University - All Subjects
Anna University CSE - All Subjects
Anna University IT - All Subjects
Engineering - All Subjects
Computer Science Engineering - All Subjects
Fundamentals of Database Systems : Additional Database Topics: Security and Distribution : Database Security
Database Security
Introduction to Database Security Issues
Discretionary Access Control Based on Granting and Revoking Privileges
Mandatory Access Control and Role-Based Access Control for Multilevel Security
SQL Injection
Introduction to Statistical Database Security
Introduction to Flow Control
Encryption and Public Key Infrastructures
Privacy Issues and Preservation
Challenges of Database Security
Oracle Label-Based Security


Privacy Policy, Terms and Conditions, DMCA Policy and Compliant

Copyright © 2018-2024 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.