29/10/2021

Database Security
• With the development of information
technology organizations have accumulated a
huge volume of data regarding many aspects
of their activities.
Database Security • All this data can be the basis for critical
decisions, which means that data has become
Ref: Sharma N. et al. Database Fundamentals, IBM an extremely valuable resource for
Corporation, 2010
organizations, so it is necessary to pay close
attention to data security.
• For these reasons, everyone in an organization
must be sensitive to security threats and take
measures to protect the data within their
domains.
1 2

Database Security: The Big Picture Database Security: The Big Picture
• Often the problems related to security are
complex and may involve legal, social or • In consequence, by focusing on database
ethical aspects, or issues related to policies security alone will not ensure a secure
implemented or related to control of the database.
physical equipment.
• Database security relates to protecting the • All parts of the system must be secure:
database against intentional or unintentional • the database,
threats, using elements of control that may or • the network,
may not be based on the computing
equipment. • the operating system,
• The analysis of database security includes not • the building in which the database resides
only services provided by a DBMS, but a wider physically and
range of issues associated with database and • the persons who have an opportunity to access
the environment security.
the system.

3 4

Database Security – The Big Picture Database Security – The Big Picture
• Designing and implementing a secure
database involves achieving the following
objectives:
• Privacy, which means that data should not be
known by unauthorized users;
• Integrity, which means that only authorized
users can change data;
• Availability, which means that authorized
users should not be denied access;

5 6

1
 29/10/2021

Database Security – The Big Picture Potential Threats

• To achieve these objectives, a clear security policy must be
developed that describes measures to be imposed. In • Some examples of potential threats that may
particular, it must be determined which users can access the occur include:
database, and to which data they can access. Moreover, we • data use by a user having disk media access
must specify which operations can be run on the data. • collection or unauthorized copying of data
• Then we will call upon the security mechanism provided by • alteration of programs
the DBMS or the operating system. The person responsible • illegal access by a hacker
for the security of a database is the database administrator • theft of data, programs or equipment
(DBA), who needs to take into account the various threats to • inadequate training of staff
the system.
• unauthorized disclosures of data
• The DBA defines the authorization rules that determine who • calamities (fires, floods, bombings)
can access the database, what parts of it can be accessed by
each user, and which operations are allowed.
• breaking or disconnecting cables
• viruses

7 8

Data Security Plan Data Security Plan

• Threats must be addressed in any complete data security • Loss of data integrity. If data integrity is impacted, data
plan: will be invalid or corrupted. In this case, an organization
• Theft and fraud. These actions may be perpetrated by may suffer important losses or make wrong decisions
people and may or may not alter data. In this case, attention based on incorrect data.
should focus on each possible location where data or • Loss of availability. This means that the data, the
applications reside physically. Concrete physical security system, or both, cannot be accessed. Sometimes this
must be established so that unauthorized persons are phenomenon is accompanied by alteration of data and
unable to gain access to rooms where computers, servers, or may lead to severe operational difficulties. This may
computer files are located. Using a firewall to protect arise as a result of sabotage of hardware, network or
unauthorized access to inappropriate parts of the database application, or as a result of introducing viruses.
through outside communication links, is a procedure that • Accidental losses of data. This may be the result of a
will stop people who are intent on theft or fraud. human error, or software and hardware breaches. To
• Loss of privacy or confidentiality. Confidentiality refers to the avoid accidental loss of data, an organization should
establish clear procedures for user authorization,
need to preserve the secrecy of data. This is of major uniform software installation, and hardware
importance for the organization, and the privacy concerns maintenance. As in any action that involves human
need to protect data about individuals. Loss of privacy may beings, some losses are inevitable, but it is desirable
lead to loss of competitiveness and failure to control privacy that the used policies and procedures will lead to
may lead to blackmail, bribery, public embarrassment, or minimal loss.
stealing of user passwords. Some of these may lead to legal
measures against the organization.

9 10

Access Control Access Control

• All decisions on the rights that various users • Authentication
have regarding the database objects are Authentication is the process by which users are
identified by the DBMS and prove their identity to access
business decisions not technical ones. the database.
• In order to decide what security constraints are • Authorization
applicable to a request for access, the system After a user is authenticated, it is necessary to determine
whether that user is authorized to access certain data or
must be able to recognize the source of the resources. Authorization is the process of granting
request. In other words, it must recognize the privileges, which allows a subject to have legitimate
access to a system or an object in a system. The
user that launched the application and it must definition of authorization contains the terms subject and
verify the user’s rights. object. The subject refers to a user or program and the
term object addresses a table, a view, an application,
procedure or any other object that can be created in the
system.

11 12

2
 29/10/2021

Access Control Views

• Administrative Authority • In conjunction with the authorization process,
Administrative authority confers to a person the views are an important component of the
right to control the database and have the security mechanism provided by a relational
responsibility for data integrity. DBMS. Views allow a user to see information
while hiding any information that the user
• Privileges should not be given access to.
Privileges are authorities assigned to users, • A view is the dynamic result of one or more
groups or roles, which allow them to accomplish relational operations that apply to one or more
different activities on database objects. base tables to produce another table.

13 14

Views Integrity Control

• A view is always based on the current data in the • The aim of integrity control is to protect data
base tables from which it is built. from unauthorized use and update, by
restricting the values that may be held and
• The advantage of a view is that it can be built to the operations that can be performed on
present only the data to which the user requires data.
access and prevent the viewing of other data that
may be private or confidential. • Integrity controls may also trigger the
execution of some procedure, such as
• A user may be granted the right to access the view placing an entry in a log that records what
but not to access the base tables upon which the users have done what with which data.
view is based.
There are more forms of integrity controls.

15 16

Data Encryption
Data Encryption • Encryption is the process of encoding data by a
particular algorithm, which makes it impossible for
• Sensitive and personal data stored within the a program to read data without the decryption key.
Usually encryption protects data transmitted
database tables and critical data transmitted through communication lines.
across the network, such as user credentials
• There are more techniques for encoding data, some
(user ID and password), are vulnerable and of which are reversible, while others are
should be protected against intruders. irreversible. Irreversible techniques do not allow
knowledge of the original data, but can be used to
obtain valid statistical information.
• Any system that provides encryption facilities must
also provide adequate routines for decoding,
routines which must be protected by proper
security.

17 18

3
 29/10/2021

Security policies and procedures Security policies and procedures

• Personnel control • Physical access control
An important physical access control is related to limiting access to
Often the greatest threat to data security is internal particular areas within a building. A proximity access card can be
rather than external, so adequate controls of used to gain access to a secured area. In this case, each access can
personnel must be developed and followed. The be recorded in a database. When it is necessary a guest should be
security authorization and authentication procedures issued badges and escorted in these areas.
must be enforced by procedures which ensure a Sensitive equipment can be controlled by placement in a secure
area. Other equipment can be locked in a desk or have an alarm
selection hiring process that validate potential attached. Backup data media should be kept in fireproof data safe
employees regarding their backgrounds and or kept outside in a safe location. Procedures must explicitly state a
capabilities. Employees should be trained in those schedule for moving media or disposing of media, and establish
aspects of security that are relevant to their jobs and labeling and indexing of such materials stored.
encouraged to be aware of and follow standard Lately, new companies are trending towards an increasingly mobile
security measures. If an employee should need to be nature of work. Laptops are very susceptible to theft, which puts
data on the laptop at risk. Encryption and multiple factor
let go then there should be a set of procedures to authentication can protect data. Antitheft devices, like security
remove authorizations and authentications and to cables or geographical tracking chips, can help determine theft and
notify other employees about the status change. quickly recover laptops on which critical data are stored.

19 20