Database Security

Computer Security:
Principles and Practice

Chapter 5 Database Security
First Edition
by William Stallings and Lawrie Brown
Lecture slides by Lawrie Brown
Database Security
Relational Databases
constructed
from tables of data
each column holds a particular type of data

each row contains a specific value these
ideally has one column where all values are
unique, forming an identifier/key for that row
have
multiple tables linked by identifiers

use a query language to access data
items meeting specified criteria
Relational Database Example
Relational Database Elements

relation
/ table / file
tuple / row / record
attribute / column / field
primary key
uniquely identifies a row
foreign
key
links one table to attributes in another
view
/ virtual table
Relational Database Elements
Structured Query Language

Structure
Query Language (SQL)
originally developed by IBM in the mid-1970s

standardized language to define, manipulate,
and query data in a relational database
several similar versions of ANSI/ISO standard
CREATE TABLE department (

Did INTEGER PRIMARY KEY,
Dname CHAR (30),
Dacctno CHAR (6) )
CREATE VIEW newtable (Dname, Ename, Eid, Ephone)

AS SELECT D.Dname E.Ename, E.Eid, E.Ephone
FROM Department D Employee E
WHERE E.Did = D.Did
CREATE TABLE employee (

Ename CHAR (30),
Did INTEGER,
SalaryCode INTEGER,
Eid INTEGER PRIMARY KEY,
Ephone CHAR (10),
FOREIGN KEY (Did) REFERENCES department (Did) )
Database Access Control
DBMS provide access control for database

assume have authenticated user
DBMS provides specific access rights to portions
of the database
e.g. create, insert, delete, update, read, write

to entire database, tables, selected rows or columns
possibly dependent on contents of a table entry
can support a range of policies:
centralized administration
ownership-based administration
decentralized administration
SQL Access Controls
two commands:
GRANT { privileges | role } [ON table] TO { user | role

| PUBLIC } [IDENTIFIED BY password] [WITH
GRANT OPTION]
e.g. GRANT SELECT ON ANY TABLE TO ricflair
REVOKE { privileges | role } [ON table] FROM { user |

role | PUBLIC }
e.g. REVOKE SELECT ON ANY TABLE FROM ricflair
typical access rights are:
SELECT, INSERT, UPDATE, DELETE,

REFERENCES
Cascading Authorizations
Role-Based Access Control

role-based
eases admin burden, improves security
categories
of database users:
application owner
end user
administrator
DB
access control work well for DBMS
RBAC must manage roles and their users
cf. RBAC on Microsofts SQL Server
Inference
Inference Example
Inference Countermeasures
inference
alter database structure or access controls
inference
detection at query time
by monitoring and altering or rejecting queries
need
detection at database design
some inference detection algorithm
a difficult problem
cf. employee-salary example
Statistical Databases
provides
e.g. counts, averages
two
data of a statistical nature
types:
pure statistical database

ordinary database with statistical access
some users have normal access, others statistical
access
control objective to allow statistical

use without revealing individual entries
security problem is one of inference
Statistical Database Security

use
a characteristic formula C
a logical formula over the values of attributes
e.g. (Sex=Male) AND ((Major=CS) OR (Major=EE))
query
set X(C) of characteristic formula C,

is the set of records matching C
a statistical query is a query that produces
a value calculated over a query set
Statistical Database Example
Protecting
Against
Inference
Tracker Attacks
divide
queries into parts
C = C1.C2
count(C.D) = count(C1) - count (C1. ~C2)
combination
is called a tracker
each part acceptable query size
overlap is desired result
Other Query Restrictions

query
set overlap control
limit overlap between new & previous queries

has problems and overheads
partitioning
cluster records into exclusive groups

only allow queries on entire groups
query
denial and information leakage
denials can leak information

to counter must track queries from user
Perturbation
add noise to statistics generated from data
data perturbation techniques
data swapping
generate statistics from probability distribution
output perturbation techniques
will result in differences in statistics
random-sample query
statistic adjustment
must minimize loss of accuracy in results
Database Encryption
databases typical a valuable info resource
protected by multiple layers of security: firewalls,

authentication, O/S access control systems, DB
access control systems, and database encryption
can encrypt
entire database - very inflexible and inefficient

individual fields - simple but inflexible
records (rows) or columns (attributes) - best
also need attribute indexes to help data retrieval
varying trade-offs
Database Encryption
Summary
introduced
databases and DBMS

relational databases
database access control issues
SQL, role-based
inference
statistical
database security issues

database encryption

Database Security

Uploaded by

Database Security

Uploaded by

Computer Security:

Principles and Practice

from tables of data

each column holds a particular type of data

multiple tables linked by identifiers

Relational Database Example

Relational Database Elements

uniquely identifies a row

links one table to attributes in another

Relational Database Elements

Structured Query Language

Query Language (SQL)

originally developed by IBM in the mid-1970s

CREATE TABLE department (

CREATE VIEW newtable (Dname, Ename, Eid, Ephone)

CREATE TABLE employee (

Database Access Control

DBMS provide access control for database

e.g. create, insert, delete, update, read, write

can support a range of policies:

SQL Access Controls

GRANT { privileges | role } [ON table] TO { user | role

REVOKE { privileges | role } [ON table] FROM { user |

typical access rights are:

SELECT, INSERT, UPDATE, DELETE,

Role-Based Access Control

eases admin burden, improves security

access control work well for DBMS

RBAC must manage roles and their users

cf. RBAC on Microsofts SQL Server

alter database structure or access controls

detection at query time

by monitoring and altering or rejecting queries

detection at database design

some inference detection algorithm

e.g. counts, averages

data of a statistical nature

pure statistical database

control objective to allow statistical

Statistical Database Security

a logical formula over the values of attributes

e.g. (Sex=Male) AND ((Major=CS) OR (Major=EE))

set X(C) of characteristic formula C,

Statistical Database Example

queries into parts

Other Query Restrictions

set overlap control

limit overlap between new & previous queries

cluster records into exclusive groups

denial and information leakage

denials can leak information

add noise to statistics generated from data

data perturbation techniques

output perturbation techniques

will result in differences in statistics

must minimize loss of accuracy in results

databases typical a valuable info resource

protected by multiple layers of security: firewalls,

entire database - very inflexible and inefficient

databases and DBMS

database security issues

You might also like