
Database and Web Database Systems
CT014-3-2

Database Security

Topic and Structure of the Lesson

• Database security
• Security threats
• Countermeasures
• Web database security
• Crash recovery

CT014-3-2 Database and Web Database Systems

Database Security

Slide 2 (of 30)

Learning Outcomes

At the end of this lesson, YOU should be able to discuss:
• Discuss security threats.
• Discuss countermeasures.
• Discuss web database security.
• Explain crash recovery measures.


Key Terms you must be able to use

If you have mastered this topic, you should be able to use the following terms correctly in your assignments and exams:
• Database security
• Security threats
• Countermeasures
• Web database security
• Crash recovery


Database Security
• Data is a valuable resource that must be strictly controlled and managed, as with any corporate resource.
• Part or all of the corporate data may have strategic importance and therefore needs to be kept secure and confidential.

Database Security
• Involves measures to avoid:
  – Theft and fraud
  – Loss of confidentiality (secrecy)
  – Loss of privacy
  – Loss of integrity
  – Loss of availability

Database Security
• Threat – Any situation or event, whether intentional or unintentional, that will adversely affect a system and consequently an organization.

Summary of Threats to Computer Systems
[Figure: summary of threats to computer systems]

Typical Multi-User Computer Environment
[Figure: typical multi-user computer environment]

Countermeasures – Computer-Based Controls
• Range from physical controls to administrative procedures, and include:
  – Authorization
  – Views
  – Backup and recovery
  – Integrity
  – Encryption
  – RAID technology

Countermeasures – Computer-Based Controls
• Authorization – The granting of a right or privilege, which enables a subject to legitimately have access to a system or a system's object.
• Authentication – A mechanism that determines whether a user is who he or she claims to be.

Countermeasures – Computer-Based Controls
• View – Dynamic result of one or more relational operations operating on the base relations to produce another relation.
  – A virtual relation that does not actually exist in the database, but is produced upon request by a particular user, at the time of request.
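The two properties of a view stated above (it is a virtual relation that stores no rows of its own, and it is recomputed from the base relation at the time of each request) can be observed directly. The following is an added example, not from the slides or the course materials; it uses Python's standard sqlite3 module with a constructed staff table, and the table, column and row values are assumptions chosen for illustration. The view exposes only the columns a branch user needs and hides the salary column entirely.

```python
import sqlite3


def build_db() -> sqlite3.Connection:
    """Create an in-memory database with a constructed base relation and a
    view over it. (Sample data is invented for this example.)"""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE staff (
            staff_no TEXT PRIMARY KEY,
            name     TEXT NOT NULL,
            branch   TEXT NOT NULL,
            salary   INTEGER NOT NULL      -- sensitive column
        );
        INSERT INTO staff VALUES ('SL21', 'John White', 'B005', 30000);
        INSERT INTO staff VALUES ('SG37', 'Ann Beech',  'B003', 12000);
        INSERT INTO staff VALUES ('SG14', 'David Ford', 'B003', 18000);

        -- The view stores nothing: its SELECT is re-run against the base
        -- relation every time the view is queried. It exposes two columns
        -- and one branch, so salary and other branches are invisible to
        -- anyone who is only allowed to query this view.
        CREATE VIEW branch_b003_staff AS
            SELECT staff_no, name
            FROM staff
            WHERE branch = 'B003';
        """
    )
    return conn


def query_view(conn: sqlite3.Connection) -> list:
    """Rows currently visible through the view, ordered for stable output."""
    return conn.execute(
        "SELECT staff_no, name FROM branch_b003_staff ORDER BY staff_no"
    ).fetchall()


def view_columns(conn: sqlite3.Connection) -> list:
    """Column names the view exposes (salary and branch are absent)."""
    cur = conn.execute("SELECT * FROM branch_b003_staff")
    return [d[0] for d in cur.description]


def demo():
    conn = build_db()
    before = query_view(conn)
    # A later change to the base relation shows up at the next request on
    # the view, because the view is produced on demand rather than stored.
    conn.execute(
        "INSERT INTO staff VALUES ('SG05', 'Susan Brand', 'B003', 24000)"
    )
    after = query_view(conn)
    return before, after, view_columns(conn)


if __name__ == "__main__":
    b, a, cols = demo()
    print("view columns:", cols)
    print("before insert:", b)
    print("after insert: ", a)
```

In a multi-user DBMS the view becomes an authorization control when `SELECT` is granted on the view and not on the base table; sqlite3 has no `GRANT`, so this example demonstrates the virtual-relation behaviour and leaves the privilege grant to the DBMS in use.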

Countermeasures – Computer-Based Controls
• Backup – Process of periodically taking a copy of the database and log file (and possibly programs) to offline storage media.
• Journaling – Process of keeping and maintaining a log file (or journal) of all changes made to the database to enable effective recovery in the event of failure.

Countermeasures – Computer-Based Controls
• Integrity – Prevents data from becoming invalid, and hence giving misleading or incorrect results.
• Encryption – The encoding of the data by a special algorithm that renders the data unreadable by any program without the decryption key.

RAID (Redundant Array of Independent Disks) Technology
• Hardware that the DBMS is running on must be fault-tolerant, meaning that the DBMS should continue to operate even if one of the hardware components fails.
• Suggests having redundant components that can be seamlessly integrated into the working system whenever there is one or more component failures.

RAID Technology
• Main hardware components that should be fault-tolerant include disk drives, disk controllers, CPU, power supplies, cooling fans.
• Disk drives are the most vulnerable components, with the shortest times between failure of any of the hardware components.

RAID Technology
• One solution is to provide a large disk array comprising an arrangement of several independent disks organized to improve reliability and increase performance.

DBMSs and Web Security
• Internet communication relies on TCP/IP as the underlying protocol.
• However, TCP/IP and HTTP were not designed with security in mind. Without special software, all Internet traffic travels 'in the clear' and anyone who monitors traffic can read it.

DBMSs and Web Security
• Must ensure while transmitting information over the Internet that it is:
  – inaccessible to anyone but sender and receiver (privacy).
  – not changed during transmission (integrity).
  – receiver can be sure it came from sender (authenticity).
  – sender can be sure receiver is genuine (non-fabrication).
  – sender cannot deny he or she sent it (non-repudiation).
• Must also protect information once it has reached the Web server.

DBMSs and Web Security
• Download may have executable content, which can perform the following malicious actions:
  – Corrupt data or execution state of programs.
  – Reformat complete disks.
  – Perform a total system shutdown.
  – Collect and download confidential data.
  – Usurp identity and impersonate user.
  – Lock up resources.
  – Cause non-fatal but unwelcome effects.

DBMSs and Web Security
• Measures include:
  – Proxy servers
  – Firewalls
  – Message digest algorithms and digital signatures
  – Digital certificates
  – Kerberos
  – Secure sockets layer (SSL) and Secure HTTP (S-HTTP)
  – Secure Electronic Transactions (SET) and Secure Transaction Technology (SST)
  – Java security
  – ActiveX security.

Proxy Servers
• Proxy server is a computer that sits between the browser and the Web server.
• It intercepts all requests to the Web server to try to fulfill the requests itself.
• Has two main purposes:
  – improve performance.
  – filter requests.

Firewalls
• Designed to prevent unauthorized access to/from a private network.
• Can be implemented in both hardware and software, or a combination of both.
• Several types of firewall techniques:
  – Packet filter.
  – Application gateway.
  – Circuit-level gateway.
  – Proxy server.

Message Digest Algorithms
• Message digest algorithm takes an arbitrary-sized string (message) and generates a fixed-length string (digest or hash).
• A digest has the following characteristics:
  – Should be computationally infeasible to find another message that will generate the same digest.
  – Digest does not reveal anything about the message.

Digital Signatures
• Digital signature consists of two parts:
  – string of bits computed from the data being 'signed'.
  – private key of the individual or organization wishing the signature.
• Can be used to verify data comes from this individual or organization.

Digital Signatures
• Digital signature has many useful properties:
  – Authenticity can be verified, using the public key.
  – Cannot be forged (assuming the private key is kept secret).
  – Function of the data signed and cannot be claimed to be the signature for any other data.
  – Signed data cannot be changed or the signature will no longer verify the data as being authentic.
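The message-digest slide and the two digital-signature slides above describe one mechanism working together: the fixed-length digest of the data is what actually gets signed with the private key, and anyone holding the public key can recompute the digest and check it against the signature. The following added example (not from the slides) shows that hash-then-sign flow in Python: SHA-256 from the standard library supplies the digest, and a deliberately small, hand-built RSA key pair supplies the signature. The key parameters, the message, and the function names are assumptions for illustration; the moduli are far too short for real use, where a library such as `cryptography` with 2048-bit or longer keys would be used.

```python
import hashlib

# Toy RSA key pair (ASSUMED, for illustration only; not a real key).
# p and q are the Mersenne primes 2^31-1 and 2^61-1, giving a ~92-bit modulus.
_P = 2147483647
_Q = 2305843009213693951
_N = _P * _Q
_E = 65537
_D = pow(_E, -1, (_P - 1) * (_Q - 1))   # private exponent, Python 3.8+

PUBLIC_KEY = (_N, _E)     # may be published; used to verify
PRIVATE_KEY = (_N, _D)    # kept secret by the signer


def digest(message: bytes) -> bytes:
    """Fixed-length (32-byte) SHA-256 digest of an arbitrary-length message."""
    return hashlib.sha256(message).digest()


def _digest_as_int(message: bytes, n: int) -> int:
    # Reduce the digest so it is smaller than the modulus. Real schemes pad
    # the digest (e.g. PSS) instead of reducing it; this is toy-sized only.
    return int.from_bytes(digest(message), "big") % n


def sign(message: bytes, private_key=PRIVATE_KEY) -> int:
    """Signature = digest of the data raised to the private exponent mod n."""
    n, d = private_key
    return pow(_digest_as_int(message, n), d, n)


def verify(message: bytes, signature: int, public_key=PUBLIC_KEY) -> bool:
    """Recompute the digest and compare it with the signature decoded
    under the public key. Any change to the data changes the digest, so
    the check fails for tampered data or for data the signature was not
    computed over."""
    n, e = public_key
    return pow(signature, e, n) == _digest_as_int(message, n)


def demo() -> dict:
    msg = b"Transfer 100 to account 42"          # constructed sample message
    tampered = b"Transfer 900 to account 42"     # one character changed
    sig = sign(msg)
    return {
        # digest length is fixed regardless of message size
        "digest_len_small": len(digest(b"a")),
        "digest_len_large": len(digest(b"a" * 100_000)),
        # a small change to the input gives an unrelated digest
        "digests_differ": digest(msg) != digest(tampered),
        "verifies": verify(msg, sig),
        "tampered_verifies": verify(tampered, sig),
        "other_data_verifies": verify(b"unrelated data", sig),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The digest alone gives integrity (it changes if the data changes) but not authenticity, since anyone can compute a SHA-256 hash; only the holder of the private exponent can produce a value that decodes, under the public key, to the digest of the data.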

Digital Certificates
• Attachment to an electronic message used for security purposes (e.g. to verify the user sending the message), and to provide the receiver with a means to encode a reply.
• Sender applies for a certificate from a Certificate Authority (CA).
• CA issues an encrypted certificate containing the applicant's public key and other identification information.

Digital Certificates
• CA makes its own public key readily available.
• Recipient uses the CA's public key to decode the certificate attached to the message, verifies it as issued by the CA, and obtains the sender's public key and identification information held within the certificate.
• With this information, the recipient can send an encrypted reply.
• CA's role is critical, acting as go-between in the relationship between two parties.

Kerberos
• A server of secured user names and passwords.
• Provides one centralized security server for all data and resources on the network.
• Database access, login, authorization control, and other security features are centralized on trusted Kerberos servers.
• Has a similar function to that of a Certificate server: to identify and validate a user.

Secure Sockets Layer (SSL)
• Encryption protocol for transmitting private documents.
• Works by using a private key to encrypt data that is transferred over the SSL connection.
• Layered between application-level protocols such as HTTP and the TCP/IP transport-level protocol.
• Thus, may be used for other application-level protocols such as FTP and NNTP.
• Designed to prevent eavesdropping, tampering, and message forgery.

Secure-HTTP (S-HTTP)
• Protocol for securely transmitting individual messages over the Web.
• Both SSL and S-HTTP use techniques such as encryption and digital signatures, and:
  – allow browsers and servers to authenticate each other.
  – allow controlled access to a Web site.
  – ensure data exchanged between browser and server is secure and reliable.

Secure Electronic Transactions (SET)
• Open, interoperable standard for processing credit card transactions over the Internet, in a simple and secure way.
• Transaction is split in such a way that the merchant has access to information about:
  – what is being purchased.
  – how much it costs.
  – whether payment is approved.
• but no information on what payment method the customer is using.

Secure Electronic Transactions (SET)
• Card issuer (e.g. Visa) has access to the purchase price, but no information on the type of merchandise involved.
• Certificates are heavily used by SET, both for certifying the cardholder and for certifying that the merchant has a relationship with a financial institution.

How SET Works
[Figure: how SET works]

Secure Transaction Technology (SST)
• Protocol designed to handle secure bank payments over the Internet.
• Uses DES encryption of information, RSA encryption of bankcard information, and strong authentication of all parties involved in the transaction.

Java Security
• Sandbox ensures an untrusted application cannot gain access to system resources.
• Safety features provided by the language and JVM, and enforced by the compiler and runtime system.
• Security is a policy built on top of the safety layer.
• Involves three components:
  – class loader.
  – bytecode verifier.
  – security manager.

ActiveX Security
• ActiveX security model places no restrictions on what a control can do.
• Instead, each ActiveX control can be digitally signed by its author using a system called Authenticode™.
• Digital signatures are then certified by a CA.
• This security model places responsibility for the computer's security on the user.

Quick Review Question
List the potential threats to a database system.

Database Recovery
• Mechanism for restoring a database quickly and accurately after loss or damage
• Recovery facilities:
  – Backup Facilities
  – Journalizing Facilities
  – Checkpoint Facility
  – Recovery Manager

Backup Facilities
• Automatic dump facility that produces a backup copy of the entire database
• Periodic backup (e.g. nightly, weekly)
• Cold backup – database is shut down during backup
• Hot backup – selected portion is shut down and backed up at a given time
• Backups stored in a secure, off-site location

Journalizing Facilities
• Audit trail of transactions and database updates
• Transaction log – record of essential data for each transaction processed against the database
• Database change log – images of updated data
  – Before-image – copy before modification
  – After-image – copy after modification

Database Audit Trail
From the backup and logs, databases can be restored in case of damage or loss.
[Figure: database audit trail]

Recovery and Restart Procedures
• Switch – Mirrored databases
• Restore/Rerun – Reprocess transactions against the backup
• Transaction Integrity – Commit or abort all transaction changes
• Backward Recovery (Rollback) – Apply before-images
• Forward Recovery (Roll Forward) – Apply after-images (preferable to restore/rerun)
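The backup and journaling countermeasures introduced earlier and the recovery procedures just listed fit together as one mechanism: a backup copy taken at some point, a change log of before-images and after-images written ahead of each update, rollback that undoes an unfinished transaction by re-applying its before-images in reverse order, and roll forward that rebuilds the database from the backup by re-applying the after-images of committed transactions. The following added example (not from the slides or the course) models that with a Python dictionary standing in for the database; the record layout, transaction names and account values are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Any, Dict, List, Optional, Set


@dataclass
class LogRecord:
    """One entry in the database change log (constructed layout)."""
    txn: str
    key: str
    before: Optional[Any]   # before-image; None means the key did not exist
    after: Optional[Any]    # after-image


@dataclass
class Journal:
    """Transaction log (which transactions committed) plus change log."""
    records: List[LogRecord] = field(default_factory=list)
    committed: Set[str] = field(default_factory=set)

    def commit(self, txn: str) -> None:
        self.committed.add(txn)


def apply_update(db: Dict[str, Any], journal: Journal,
                 txn: str, key: str, value: Any) -> None:
    """Write the log record first, then change the database (write-ahead
    logging), so a crash can never leave a change without its images."""
    journal.records.append(LogRecord(txn, key, db.get(key), value))
    db[key] = value


def rollback(db: Dict[str, Any], journal: Journal, txn: str) -> Dict[str, Any]:
    """Backward recovery: undo one transaction's changes by applying its
    before-images, newest first, so each key returns to its prior state."""
    for rec in reversed(journal.records):
        if rec.txn != txn:
            continue
        if rec.before is None:
            db.pop(rec.key, None)       # key was created by txn: remove it
        else:
            db[rec.key] = rec.before
    return db


def roll_forward(backup: Dict[str, Any], journal: Journal) -> Dict[str, Any]:
    """Forward recovery: start from the backup copy and re-apply the
    after-images of committed transactions in log order. Uncommitted
    work is skipped, so the result reflects only complete transactions."""
    db = dict(backup)
    for rec in journal.records:
        if rec.txn in journal.committed:
            db[rec.key] = rec.after
    return db


def demo():
    db = {"acct_1": 100, "acct_2": 50}
    backup = dict(db)                 # cold backup taken at this point
    journal = Journal()

    # T1: move 30 from acct_1 to acct_2, then commit
    apply_update(db, journal, "T1", "acct_1", 70)
    apply_update(db, journal, "T1", "acct_2", 80)
    journal.commit("T1")

    # T2: move 70 from acct_1 to a new acct_3 ... crash before commit
    apply_update(db, journal, "T2", "acct_1", 0)
    apply_update(db, journal, "T2", "acct_3", 70)

    # Case A: the database survived; undo the incomplete T2 in place.
    after_rollback = rollback(dict(db), journal, "T2")
    # Case B: the database was lost; rebuild it from backup plus the log.
    after_roll_forward = roll_forward(backup, journal)
    return after_rollback, after_roll_forward


if __name__ == "__main__":
    rb, rf = demo()
    print("after rollback of T2:   ", rb)
    print("after roll forward:     ", rf)
```

Both paths end in the same state, which is the point of the "commit or abort all transaction changes" rule: a transaction's effects are either fully present (T1) or fully absent (T2), never half applied.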

Basic Recovery Technique: Rollback
[Figure: rollback]

Basic Recovery Technique: Roll Forward
[Figure: roll forward]

Summary
• What is database security.
• Threats to a database system.
• Measures taken to protect a database from potential threats.
• Crash recovery procedures.

Question and Answer Session (Q&A)

Next Session: Database Concurrency Issues

DWDS Assignment: Due date extended to Friday 22-August-2014.