Professional Documents
Culture Documents
c) Records
d) Fields (elements)
g) Entity
h) Attributes
i) Relation
ATTRIBUTE:
Description of a particular ENTITY
KEY FIELD:
Field used to retrieve, update, sort RECORD
Problems With Traditional File Environment
Data redundancy
Program / data dependency
Lack of flexibility
Poor security
Flat File
Lack of data sharing & availability
Database Management System (DBMS)
Software to create & maintain data
FROM:
IDs tables from which columns will be selected
WHERE:
Includes conditions for selecting specific rows, conditions for
joining multiple tables
Example:
SELECT (name, phone)
FROM employees_table
WHERE employer = ‘MWU’ and city =
‘Kalamazoo’
Database Administration
A person or a group of people
Maintains DBMS
E.g., software patches and updates
5.2. Security Requirements
Security requirements for databases and DBMSs:
a. Auditability requirements
Able to track who & what has accessed (read, wrote) the elements
in the database
d. Availability requirements
DB info available to all authorized users
Confidentiality / Integrity / Availability
Requirements can be rephrased / sumarized as follows:
Data must be trusted
Field checks
Self-authentication
High availability
5.3. Reliability and Integrity
Reliable software runs long time without failures
Reliable DBMS preserves:
DB Integrity / Element Integrity / Element Accuracy
Database integrity: the database as a whole is protected against
damage, as from the failure of a disk drive or the corruption of the master
database index.
These concerns are addressed by operating system integrity controls
and recovery procedures.
sensitive.
Examples are the salary attribute of a personnel database or a record
describing a secret space mission.
5.4. Sensitive Data (2)
Sensitive data are data that should not be made public
Several factors can make data sensitive
o Sensitive in relation to previously disclosed information.
Some data become sensitive in the presence of other data.
For example, the longitude coordinate of a secret gold mine reveals
little, but the longitude coordinate in conjunction with the latitude
coordinate pinpoints the mine.
5.5. Inference (Inference Problems)
Inference attack - inferring sensitive data from non-sensitive data
Types of inference attacks:
1) Direct attack
Infer senstive data from results of queries run by attacker
2) Indirect attack
Infer sens. info from statistics (Sum, Count, Median) also
from info external to the attacked DB
Tracker attacks (intersection of sets)
Linear system vulnerability
Use algebra of multiple equations to infer
Inference Controls
1) Query controls — applied to queries
Primarily against direct attacks
Query analysis to prevent inferences
Query inventory (history) per person
Problems
Polyinstantiation – multiple (“poly”) instantiations of a record,
each at a different security level
Example:
[John, Kalamazoo-MI] -- Public level
[John, 19_Main_Ave-Kalamazoo-MI] -- Confidential level
[John, 19_Main_Ave-Kalamazoo-MI, …, SSN=123-45-6789] --
Top_Secret level
Multilevel Security - Separation Mechanisms
1) Partitioning
Redundancy
3) Integrity lock
Data item
Sensitivity level
Checksum
4) Sensitivity lock
Unique identifier
Sensitivity level
Revision Questions of DB
4) What is normalization?