Database security concepts and needs
• Database security is the protection of a database, and of the data handled by the various elements of the system around it, against threats to that data.
• It involves protecting the database from unauthorized access, modification, or destruction.
• Information security is usually described with the CIA model: confidentiality, integrity, and availability.
• Database security is needed to guard against:
– Unauthorized reading of data (theft of information: a loss of confidentiality)
– Unauthorized modification of data (a loss of integrity)
– Unauthorized destruction of data (a loss of availability)
PCA155-7 Madhav Subedi
Security Levels
• To protect the database we must take security measures at several levels; a weakness at any one of them can undermine the others:
– Database System: it is the responsibility of the database system to ensure that its authorization restrictions are not violated.
– Operating System: no matter how secure the database system is, a weakness in operating system security may serve as a means of unauthorized access to the database (for example, by reading the database files directly).
– Network: since almost all database systems allow remote access through terminals or networks, software-level security in the network software is as important as physical security, both on the Internet and in private networks.
– Physical: sites with computer systems must be physically secured against armed or surreptitious entry by intruders.
– Human: users must be authorized carefully to reduce the chance of any user giving access to an intruder in exchange for a bribe or other favors.
Access control: Discretionary
• Discretionary access control is based on the concept of access rights, or privileges, and on mechanisms for giving users such privileges.
• A privilege allows a user to access some data object in a certain manner (e.g. to read or to modify it).
• A user who creates a database object such as a table or a view automatically gets all applicable privileges on that object, and may pass them on at their own discretion.
• SQL supports discretionary access control through the GRANT and REVOKE commands.
• The GRANT command gives a privilege to a user and the REVOKE command takes it away.
• E.g.: GRANT privileges ON object TO user; REVOKE privileges ON object FROM user
• In the discretionary access control method, a devious unauthorized user can trick an authorized user into disclosing sensitive data: for example, by getting the authorized user to run a program that copies the data into a table the attacker owns. The copy uses only the victim's own privileges, so the DBMS cannot distinguish it from legitimate use.
Access control: Mandatory
• The mandatory access control method is based on system-wide policies that cannot be changed by individual users.
• In this approach each database object is assigned a security class, each user is assigned a clearance for a security class, and rules are imposed on the reading and writing of database objects by users.
• These rules seek to ensure that sensitive data can never be "passed on" to a user without the necessary clearance: a user may not read an object classified above their clearance, and may not write into an object classified below it, so the trick that works under discretionary control is blocked.
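The following is an added example, not code from the slides, that models the two access control methods above in a small in-memory database: GRANT and REVOKE as the discretionary part, and the mandatory "no read up" / "no write down" rules on top. The users (alice, bob), tables (salaries, scratch) and security classes are constructed for illustration. It plays out the trick from the discretionary slide: bob grants alice INSERT on his own table and then gets her to run a program that copies the secret table into it. Under DAC alone the copy succeeds; with MAC enabled the write-down is refused.

```python
"""Discretionary vs mandatory access control in a toy database model.

Added example, not code from the lecture slides: a small in-memory
authorization model whose names (alice, bob, salaries, scratch) and
security classes are constructed for illustration only.
"""
from dataclasses import dataclass, field

# Security classes ordered from least to most sensitive (a simple lattice).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2}
ALL_PRIVS = {"SELECT", "INSERT", "GRANT"}


@dataclass
class Database:
    mandatory: bool = False                          # enforce MAC rules as well as DAC?
    tables: dict = field(default_factory=dict)       # table -> list of rows
    privileges: dict = field(default_factory=dict)   # (user, table) -> set of privileges
    table_class: dict = field(default_factory=dict)  # table -> security class
    clearance: dict = field(default_factory=dict)    # user -> clearance

    def create_table(self, user, name, security_class="unclassified"):
        """The creator automatically receives every privilege on the new object."""
        self.tables[name] = []
        self.table_class[name] = security_class
        self.privileges[(user, name)] = set(ALL_PRIVS)

    def grant(self, grantor, priv, table, grantee):
        """GRANT priv ON table TO grantee: discretionary, decided by the grantor."""
        if "GRANT" not in self.privileges.get((grantor, table), set()):
            raise PermissionError(f"{grantor} may not grant on {table}")
        self.privileges.setdefault((grantee, table), set()).add(priv)

    def revoke(self, grantor, priv, table, grantee):
        """REVOKE priv ON table FROM grantee."""
        if "GRANT" not in self.privileges.get((grantor, table), set()):
            raise PermissionError(f"{grantor} may not revoke on {table}")
        self.privileges.get((grantee, table), set()).discard(priv)

    def allowed(self, user, priv, table):
        """DAC check first; under MAC also apply the system-wide rules
        'no read up' (SELECT) and 'no write down' (INSERT)."""
        if priv not in self.privileges.get((user, table), set()):
            return False
        if self.mandatory:
            u = LEVELS[self.clearance.get(user, "unclassified")]
            t = LEVELS[self.table_class[table]]
            if priv == "SELECT" and u < t:
                return False
            if priv == "INSERT" and u > t:
                return False
        return True

    def select(self, user, table):
        if not self.allowed(user, "SELECT", table):
            raise PermissionError(f"{user} may not SELECT from {table}")
        return list(self.tables[table])

    def insert(self, user, table, row):
        if not self.allowed(user, "INSERT", table):
            raise PermissionError(f"{user} may not INSERT into {table}")
        self.tables[table].append(row)


def trojan_horse(db, victim, attacker_table, secret_table):
    """Code the attacker persuades the victim to run. It uses only the
    victim's own privileges, so DAC alone cannot tell it from legitimate use."""
    for row in db.select(victim, secret_table):
        db.insert(victim, attacker_table, row)


def run_scenario(mandatory):
    """Returns (can bob read salaries directly?, rows that reached bob's table)."""
    db = Database(mandatory=mandatory)
    db.clearance = {"alice": "secret", "bob": "unclassified"}
    db.create_table("alice", "salaries", "secret")
    db.insert("alice", "salaries", ("carol", 90000))
    db.create_table("bob", "scratch", "unclassified")
    db.grant("bob", "INSERT", "scratch", "alice")   # bob's discretionary grant
    direct = db.allowed("bob", "SELECT", "salaries")
    try:
        trojan_horse(db, "alice", "scratch", "salaries")
    except PermissionError:
        pass  # under MAC the write-down into 'scratch' is refused
    return direct, db.select("bob", "scratch")


if __name__ == "__main__":
    print("DAC only:", run_scenario(mandatory=False))
    print("DAC + MAC:", run_scenario(mandatory=True))
```

In both runs bob cannot read salaries directly. With DAC only, run_scenario returns the leaked row in bob's scratch table; with MAC the insert is refused because alice's clearance (secret) is above the table's class (unclassified), and scratch stays empty.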
Encryption and Decryption
• Encryption is the conversion of data into a form, called ciphertext, that cannot be easily understood by unauthorized people.
• Data may be encrypted when the database authorization provisions do not offer sufficient protection (for example, against someone who can read the database files or backups directly).
• Properties of a good encryption technique:
– Relatively simple for authorized users to encrypt and decrypt data.
– The scheme depends not on the secrecy of the algorithm but on the secrecy of a parameter of the algorithm called the encryption key (Kerckhoffs's principle).
– Extremely difficult for an intruder to determine the encryption key, which also requires the set of possible keys to be far too large to try one by one.
• Different encryption techniques are:
– Data Encryption Standard (DES) substitutes characters and rearranges their order on the basis of an encryption key which is provided to authorized users via a secure mechanism. The scheme is no more secure than the key transmission mechanism, since the key has to be shared. Its 56-bit key can be found by exhaustive search with today's hardware, so DES is no longer considered secure.
– E.g., a much simpler substitution: replace each character with the next character in the alphabet, so Perryridge becomes Qfsszsjehf. This illustrates the idea only; with just 25 possible shifts an intruder can try every key.
– Advanced Encryption Standard (AES) is the newer standard that replaced DES in 2001, and is also dependent on shared secret keys.
– Public-key encryption is based on each user having two keys:
• public key: a publicly published key used to encrypt data, but which cannot be used to decrypt it
• private key: a key known only to the individual user, and used to decrypt data. It need not be transmitted to the site doing the encryption.
– The encryption scheme is such that it is impossible or extremely hard to decrypt data given only the public key.
– The RSA public-key encryption scheme is based on the hardness of factoring a very large number (hundreds of digits; in practice a modulus of at least 2048 bits today) into its prime components.
• Decryption
• The act of restoring an encrypted file to its original state through the use of a key is decryption.
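The following is an added example, not code from the slides, that puts the two halves of the encryption slide side by side: the shift substitution that turns Perryridge into Qfsszsjehf (a shared-key cipher), with the exhaustive key search that breaks it, and textbook RSA (a public-key cipher), with the factoring attack that recovers the private key from the public one. The primes and the message are constructed; they are deliberately tiny so the factoring step runs quickly, and nothing in the block is safe for real data.

```python
"""Shared-key vs public-key encryption, as a toy.

Added example, not from the lecture slides. The shift cipher reproduces
the slide's Perryridge -> Qfsszsjehf substitution; the RSA part uses
constructed, deliberately tiny primes so that the attack on it runs in
well under a second. Nothing here is safe for real data.
"""
import math

ALPHABET = "abcdefghijklmnopqrstuvwxyz"


def shift_encrypt(plaintext, key):
    """Replace each letter by the one `key` places later, wrapping around.
    The same key decrypts (by shifting back), so it must be shared."""
    out = []
    for ch in plaintext:
        low = ch.lower()
        if low in ALPHABET:
            sub = ALPHABET[(ALPHABET.index(low) + key) % 26]
            out.append(sub.upper() if ch.isupper() else sub)
        else:
            out.append(ch)
    return "".join(out)


def shift_decrypt(ciphertext, key):
    return shift_encrypt(ciphertext, -key)


def brute_force_shift(ciphertext, crib):
    """Kerckhoffs's principle: assume the intruder knows the algorithm. Only
    25 keys exist, so trying each against a known word (a crib) breaks it."""
    for key in range(1, 26):
        candidate = shift_decrypt(ciphertext, key)
        if crib in candidate:
            return key, candidate
    return None


def rsa_keygen(p, q, e=65537):
    """Textbook RSA: public key (n, e), private key (n, d) with e*d = 1 mod phi(n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)            # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def rsa_encrypt(public_key, m):
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be smaller than the modulus")
    return pow(m, e, n)


def rsa_decrypt(private_key, c):
    n, d = private_key
    return pow(c, d, n)


def break_rsa_by_factoring(public_key, c):
    """Decrypt with only the public key by factoring n with trial division.
    Works here because n is about 10^12; for a 2048-bit n it is infeasible."""
    n, e = public_key
    p = next(i for i in range(2, math.isqrt(n) + 1) if n % i == 0)
    q = n // p
    d = pow(e, -1, (p - 1) * (q - 1))
    return pow(c, d, n)


def text_to_int(s):
    return int.from_bytes(s.encode(), "big")


def int_to_text(x):
    return x.to_bytes((x.bit_length() + 7) // 8, "big").decode()


if __name__ == "__main__":
    ct = shift_encrypt("Perryridge", 1)
    print(ct, brute_force_shift(ct, "ridge"))
    pub, priv = rsa_keygen(1000003, 1000033)      # toy primes, far too small
    c = rsa_encrypt(pub, text_to_int("hi"))
    print(int_to_text(rsa_decrypt(priv, c)), int_to_text(break_rsa_by_factoring(pub, c)))
```

Both attacks succeed here for the same reason: the secret is too easy to find. The shift cipher has only 25 keys, and the toy RSA modulus factors by trial division in about a million steps. Real deployments use a cipher with a large key space (AES) and RSA moduli large enough that factoring is out of reach, which is exactly the "extremely difficult to determine the key" property from the slide.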