Data Base Security Module 7 

Module 7
Data Base Security
Modified by: Ahmad Al Ghoul
Philadelphia University
Faculty Of Administrative & Financial Sciences
Business Networking & System Management Department
Room Number 32406
E-mail Address: ahmad4_2_69@hotmail.com
Network Security
Philadelphia University
Ahmad Al-Ghoul 2010-2011
Contents
• Concept of a Data Base
• Components of Data Bases
• Advantages of Using Data Bases
• Security Requirements
• Integrity of the Data Base
• Element Integrity
• Field Checks
• Access Control
• Change Log
Concept of a Data Base
• A collection of data and a set of rules that organise the data by specifying certain relationships among the data.
• The data items are stored in a file.
• The user is not concerned with the precise physical format of the file.
• A data base administrator is the person
– who defines the rules that organise the data
– who controls who should have access to what parts of the data
• The user interacts with the data base through a program called the data base manager or DBMS (front-end).
Components of Data Bases
• The data base file consists of
– Records: each contains one related group of data
– Each record contains fields or elements
• A data base can be viewed as a two-dimensional table
• The logical structure of a data base is called a schema
Components of Data Bases
• The name of each column is called an attribute of the data base.
• A relation is a set of columns.
• Users interact with data base managers through commands that retrieve, modify, add or delete fields and records of the data base
– A command is called a query
• DBMSs have precise rules of syntax for queries.
SELECT NAME = ‘AYŞE’
retrieves all records having the value AYŞE in the NAME field.
• The result of executing a query is a subschema
Advantages of Using Data Bases
• Shared access
– Many users can use one common, centralised set of data
• Minimal redundancy
– Individual users do not have to collect and maintain their own sets of data
• Consistency
– A change to a data value affects all users of that data value
• Integrity
– Values are protected against accidental or malicious incorrect changes
• Controlled access
– Only authorised users are allowed to view or modify data values
Security Requirements
• Physical data base integrity
– Immune to power failures
• Logical data base integrity
– Structure is preserved
• Element integrity
– Data contained in each element is correct
• Auditability
– Trace who accessed/modified elements
• Access control
– User is allowed to access only authorised data
• User authentication
– To ensure every user is positively identified
• Availability
– Users can access the data base in general and all the data for which they are authorised
Integrity of the Data Base
• Trust the accuracy of the data values
• Updates are performed only by authorised individuals
• Data must be protected from corruption
– The whole data base is damaged
– Individual data items are unreadable
• Integrity of the data base is the responsibility of the DBMS
• Periodic back-ups of a data base
• DBMS must maintain a log of transactions
Element Integrity
• Authorised users are responsible for putting correct data into the data base
– Mistakes in collecting data
– Mistakes in computing results
– Mistakes in entering data
• The DBMS maintains the integrity by:
– Applying field checks
– Access control
– Change log
Field Checks
• Test for appropriate values in a position
– Numeric
– Uppercase letter
– A set of acceptable characters
• The check ensures that a value falls within specified bounds or is not greater than the sum of the values in two other fields
• Prevents simple errors as the data is entered.
Access Control
• A data base may contain data from different sources
– Redundant data might have been stored in many places
• Data bases have led to the collection and control of this data at one central source
– Who has authorisation to update which elements
– Policy issues
Change Log
• A list of every change made to the data base
• The log contains
– Original values
– Modified values
• With this log a data base administrator can undo any changes that were in error.
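
Added example (not part of the original slides): the Field Checks and Change Log slides expressed as SQLite CHECK constraints and an update trigger, driven from Python. The employee table, its columns, the bounds and the sample rows are constructed assumptions for illustration.

```python
import sqlite3

# Constructed schema (table and column names are assumptions, not from the slides).
SCHEMA = """
CREATE TABLE employee (
  id    INTEGER PRIMARY KEY,
  grade TEXT    CHECK (grade GLOB '[A-Z]'),                    -- one uppercase letter
  base  INTEGER CHECK (typeof(base) = 'integer' AND base BETWEEN 0 AND 100000),
  bonus INTEGER CHECK (typeof(bonus) = 'integer' AND bonus >= 0),
  paid  INTEGER CHECK (paid <= base + bonus)                   -- bound from two other fields
);
CREATE TABLE change_log (seq INTEGER PRIMARY KEY, row_id INTEGER, old_paid INTEGER, new_paid INTEGER);
CREATE TRIGGER log_paid AFTER UPDATE OF paid ON employee BEGIN
  INSERT INTO change_log (row_id, old_paid, new_paid) VALUES (OLD.id, OLD.paid, NEW.paid);
END;
"""

def accepts(conn, row):
    """True if the DBMS stores the row, False if a field check rejects it."""
    try:
        with conn:
            conn.execute("INSERT INTO employee (grade, base, bonus, paid) VALUES (?,?,?,?)", row)
        return True
    except sqlite3.IntegrityError:
        return False

def undo(conn, seq):
    """Restore the original value recorded in change-log entry seq."""
    row_id, old_paid = conn.execute(
        "SELECT row_id, old_paid FROM change_log WHERE seq = ?", (seq,)).fetchone()
    with conn:
        conn.execute("UPDATE employee SET paid = ? WHERE id = ?", (old_paid, row_id))

def demo():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    rows = [("B", 1000, 200, 1100),   # valid
            ("b", 1000, 200, 1100),   # lowercase grade
            ("B", "abc", 200, 100),   # non-numeric base
            ("B", 1000, 200, 1300)]   # paid exceeds base + bonus
    results = [accepts(conn, r) for r in rows]
    with conn:
        conn.execute("UPDATE employee SET paid = 900 WHERE id = 1")  # erroneous change
    log = conn.execute("SELECT row_id, old_paid, new_paid FROM change_log").fetchall()
    undo(conn, 1)
    paid = conn.execute("SELECT paid FROM employee WHERE id = 1").fetchone()[0]
    return results, log, paid

if __name__ == "__main__":
    print(demo())
```

The undo is itself an update, so the trigger records it as a further change-log entry and the reversal stays auditable.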