Scribd Logo
Upload

Welcome to Scribd!

  • DBMS Presentation

    Uploaded by

    santoshmahato2481832
    5 views17 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    5 views17 pages

    DBMS Presentation

    Uploaded by

    santoshmahato2481832

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 17

    Access Controls

    Access Cont
    Controls
    Controls
    Controls
    Controls
    Controls
    Controls
    Controls
    Access
    Access
    Access
    Access
    Access Controls
    Access Controls
    Access Controls
    It is a method of allowing access to company’s sensitive data only to those people (database users) who
    are allowed to access such data and to restrict access to unauthorized persons.
    It includes two main components:

    Authentication
    A method of verifying the identity of a person who is accessing your database. Note that
    authentication isn’t enough to protect data.

    Authorization
    An additional layer of security is which determines whether a user should be allowed to access
    the data or make the transaction he’s attempting.

    Without authentication and authorization, there is no data security.


    Types of Access Controls
    Discretionary Access Control (DAC)
    Mandatory (MAC)
    A security model used in computer systems and databases to restrict access to information based on the discretion
    of the owner. DAC allows the owner or administrator to control who can access specific data and what actions they
    can perform on that data.

    User Identification: Object Identification: Access Permissions: Access Control Lists: Authorization Process: User Responsibility:
    Each user accessing Data objects within The owner or An ACL is a list When a user attempts to In DAC, the
    the database is the database, such as administrator assigns associated with each access a database responsibility for
    identified through a tables, views, stored access permissions to database object that object, the database managing access
    unique username or procedures, etc., are users or groups of specifies the users or system checks the user's control lies with the
    identifier. identified. users for each groups and their credentials against the owner or
    database object. corresponding access control lists administrator of the
    permissions. associated with the database.
    object.
    Types of Access Controls
    Discretionary (DAC)
    Mandatory Access Control (MAC)

    Mandatory Access Control (MAC) is another security model used in computer systems and databases, but
    it differs from Discretionary Access Control (DAC) in several key aspects.

    Access Decisions: Labels and Classification: Access Rules: No Overrides: Least Privilege Principle:
    Access decisions are not Each user and data object is Access rules are defined Unlike DAC, where owners MAC typically follows the
    left to the discretion assigned a security label or based on the security can grant or revoke access principle of least privilege,
    of individual users or classification based on their labels assigned to users permissions at their where users and processes
    data owners. sensitivity or importance. and data objects. These discretion, MAC does not are only granted the
    Instead, they are These labels are typically rules specify which users allow users to override minimum level of access
    determined by a hierarchical and represent or processes with certain access controls. Access necessary to perform their
    central authority, the level of confidentiality or security labels can access decisions are strictly tasks. This helps minimize
    typically the operating integrity associated with the specific data objects and enforced based on the the risk of unauthorized
    system or Database user or data. what operations they can predefined rules and labels. access and data breaches.
    Management system. perform.
    Encryption
    Encryption in databases is a crucial security measure to protect sensitive data from unauthorized access, both at rest and in transit.
    Here's how encryption is typically implemented in databases:
    Encryption
    Encryption in databases is a crucial security measure to protect sensitive data from unauthorized access,
    both at rest and in transit. Here's how encryption is typically implemented in databases:

    Data at Rest Data in Transit Transparent Data Column-Level Encryption: Key Management:
    Encryption: Encryption: Encryption (TDE): Some databases offer the Keys used for encryption
    This involves Data in transit TDE is a feature capability to selectively and decryption
    encrypting the data encryption ensures provided by some encrypt specific columns must be securely stored and
    stored in the database that data transmitted database management within a table. This allows managed to prevent
    when it's not actively between the database systems that organizations to encrypt unauthorized access.
    being accessed. It server and clients automatically encrypts only the most sensitive Key rotation, key
    prevents (such as applications data at rest. TDE helps data fields while leaving expiration, and
    unauthorized users or users) is encrypted protect against other data fields separation of duties are
    from accessing the to prevent unauthorized access to unencrypted for some key management
    data directly from the interception or data files. performance or functional best practices.
    database files. eavesdropping. reasons.
    Decryption
    Decryption in databases refers to the process of converting encrypted data back into its original, plaintext form so that it can be accessed
    and used by authorized users or applications. Here's how decryption typically works in a database environment:
    Decryption
    Decryption in databases refers to the process of converting encrypted data back into its original, plaintext
    form so that it can be accessed and used by authorized users or applications. Here's how decryption
    typically works in a database environment:

    Authorization and Key Retrieval: Key Management: Decryption Process: Access Control:
    Authentication: To decrypt the data, the Proper key management Once the decryption key has Decryption should only be
    Before decryption appropriate decryption is essential for securely been retrieved, it is used performed for authorized
    can occur, the user key must be retrieved. storing and retrieving to decrypt the encrypted users or applications with
    or application This key is typically used decryption keys. Keys data. The decryption the necessary permissions
    requesting access in conjunction with an should be protected process reverses the to access the data. Access
    to the encrypted encryption algorithm to from unauthorized encryption algorithm controls should be enforced
    data must be reverse the encryption access and stored in a applied to the data, resulting to prevent unauthorized
    authenticated and process and recover the secure manner. in the original plaintext decryption of sensitive
    authorized. original plaintext data. data. information.
    S W
    DZ QE
    AF X A WT Q
    QSG C S E YW
    WDH V D RPE
    E FJ B F T OR
    R G NG Y T
    T H MH Y
    W J U
    WD C G E R
    E F VH R T
    R G BJ T Y
    T H A NK Y O U
    W SMAny Queries?
    W
    D E
    F T
    Presenters:

    G Y
    Bijan Pradhananga
    H
    Manish Shrestha P
    Santosh Mahato Pratik Khanal Prashon Gautam

    You might also like