Introduction to Database Security

Questions and Answers

Database security is a narrow area of focus, mainly concerned with system-level security.

False (B)

Which of the following is NOT a threat to databases?

  • Loss of cost-effectiveness (correct)
  • Loss of integrity
  • Loss of availability
  • Loss of confidentiality

Unauthorized access to confidential information can lead to a violation of the ______ Act.

Data Privacy

Give an example of how improper modification of information can lead to a loss of integrity in a database.

A deliberate or accidental change to a database record, such as changing a customer's credit limit without authorization, could compromise the accuracy and trustworthiness of the data.

Match the following database security control measures with their primary focus:

  • Access control = Restricting user access to specific data based on permissions and credentials
  • Inference control = Preventing unauthorized users from deducing sensitive information from aggregated data
  • Flow control = Controlling the movement of information within a system to prevent unauthorized access

Besides the DBMS, which other elements contribute to the security of a database system?

All of the above (D)

Explain how "loss of availability" affects users in a database system.

Loss of availability prevents legitimate users from accessing the data they need, potentially disrupting business operations, research, or data-driven decision-making.

DBMS alone is responsible for ensuring the complete security of a database.

False (B)

Which of the following is NOT a typical mode of access granted to users in discretionary security mechanisms?

Execute (A)

Mandatory security mechanisms classify both users and data into security classes.

True (A)

What is the primary role of a Database Administrator (DBA) in a database system?

A Database Administrator (DBA) manages and controls the overall access and security of the database system.

Data encryption is primarily used to protect sensitive data, such as ______, that is transmitted over communication networks.

credit card numbers

Match the following database security mechanisms with their descriptions:

  • Discretionary security mechanisms = Grant access privileges to users for specific data, records, or fields
  • Mandatory security mechanisms = Enforce multilevel security by classifying users and data based on security clearance levels
  • DBA = Central administrator responsible for managing database security

Which of the following is NOT a typical DBA-privileged command?

Data Backup and Recovery (D)

A 'superuser' or 'system' account usually grants the user full control over the database system.

True (A)

Give an example of a typical security policy enforced by mandatory security mechanisms.

A typical security policy could state that users with a 'Secret' clearance level can only access data classified as 'Secret' or 'Unclassified'.

What does the GRANT OPTION allow a user to do?

Grant privileges to other accounts (C)

A1 can propagate the privileges it has been granted to A2, if it grants them with GRANT OPTION.

True (A)

Which SQL command does A1 use to grant privilege to A2 for inserting and deleting tuples on EMPLOYEE and DEPARTMENT?

GRANT INSERT, DELETE ON EMPLOYEE, DEPARTMENT TO A2;

If A1 is the owner of EMPLOYEE and DEPARTMENT, it automatically has the __________.

GRANT OPTION

Match the following accounts with their capabilities:

  • A1 = Create base relations
  • A2 = Insert and delete tuples in EMPLOYEE and DEPARTMENT
  • A3 = Does not have granted privileges
  • A4 = Not mentioned in context

What type of privileges can be assigned at the account level in a database system?

CREATE, DROP, ALTER, MODIFY, SELECT (D)

The owner of a relation can grant privileges to users on other relations they do not own.

False (B)

What SQL command is used to revoke a privilege?

REVOKE

The DBA can control access to each individual relation or view in the database at the __________ level.

relation

Which privilege allows a user to retrieve data from a relation?

SELECT (D)

Match the following privileges with their descriptions:

  • SELECT = Retrieve or read data
  • MODIFICATION = Change or update data
  • REFERENCES = Use a relation in foreign key constraints
  • GRANT OPTION = Allow another user to grant privileges

A view can be created to restrict access to only certain fields of a relation.

True (A)

What is the purpose of the GRANT OPTION when granting privileges?

To allow the recipient to grant that privilege to others.

Flashcards

What is database security?

Database security aims to safeguard the confidentiality, integrity, and availability of stored data.

What is loss of integrity?

Loss of integrity occurs when data is improperly modified, potentially through unauthorized updates, insertions, or creation of records.

What is loss of availability?

Loss of availability happens when authorized users are unable to access the data they need, due to system failures or malicious attacks.

What is loss of confidentiality?

Loss of confidentiality occurs when unauthorized users gain access to sensitive information, leading to breaches of privacy or data leaks.

Is database security solely the responsibility of the DBMS?

Database security is not solely the responsibility of the database management system (DBMS). It requires a collaborative effort involving applications, web servers, firewalls, and security monitoring systems.

What is access control?

Access control is the first line of defense, using user accounts and passwords to restrict access to the database.

What is inference control?

Inference control aims to prevent users from deducing sensitive information from queries that involve only summary statistics.

What is flow control?

Flow control restricts the movement of data to prevent unauthorized users from accessing it.

Data Encryption

A security method that uses encryption to protect sensitive data, like credit card numbers, during transmission over networks. Think of it like a secret code for information traveling online.

Discretionary Security Mechanisms

A method of database security for controlling access based on user permissions. Basically, giving specific users the right to view, edit, or delete certain data.

Mandatory Security Mechanisms

A security method that classifies both data and users into different security levels. This ensures users can only access data at their own level or below.

Database Administrator (DBA)

The central authority managing a database system. They have powerful privileges, kind of like a database king.

DBA Account

A specialized account for the DBA, providing access to powerful commands and tools. It's like a VIP pass for the database.

DBA-Privileged Commands

Commands used by the DBA for granting and revoking access privileges to users and groups. Think of it like configuring access to a building.

Granting and Revoking Privileges

The most common way to enforce discretionary access control in a database. It's about deciding who gets access to what.

Discretionary Access Control (DAC)

A primary method used for enforcing discretionary access control in a database. It involves assigning and removing access permissions to users and groups.

GRANT OPTION

The ability to allow other accounts to access a particular privilege.

Privilege Propagation

The process by which a DBMS tracks who has granted which privileges to other accounts.

GRANT Command

A SQL command used to grant specific privileges on database objects to a user or group of users. It dictates which operations a user can perform, preventing unauthorized access.

CREATETAB Privilege

A privilege that allows the grantee to create new tables (base relations) within a database.

GRANT OPTION for the owner

The owner of a relation automatically possesses the power to grant privileges on that relation to other users.

Account Level Privileges

Assigning privileges to specific database accounts, independently of the database relations. Examples include CREATE, DROP, ALTER, MODIFY, and SELECT privileges.

Relation Level Privileges

Controlling access to individual relations (tables) or views within the database. The DBA can determine who can read, update, or reference each specific table.

Relation Owner

The account that owns a specific relation, automatically granted all privileges to the relation.

Privilege Granting

The ability for a relation owner to grant or deny privileges to other users on their owned relations.

Views for Access Control

Creating a limited view of a relation to allow other users to only access specific fields or tuples.

Privilege Revocation

Revoking a privilege temporarily.

Privilege Propagation with Grant Option

Granting a privilege to another user with the ability to further grant that privilege to others.

Privilege Revocation using REVOKE command

The ability for a relation owner to restrict the privileges previously granted to other users.

Study Notes

Database Security

  • Database security is a broad subject encompassing legal, ethical, and systemic issues, including personal data access, policy concerns, and DBMS-level security.

  • Security threats to databases can result in data integrity loss, improper data modifications, unavailability issues (legitimate users unable to access data), and confidentiality breaches (unauthorized data disclosure). Examples of breaches include data privacy act violations.

Introduction to Database Security Issues (cont'd)

  • Database security isn't solely the responsibility of a DBMS. It involves multiple services, including applications, web servers, firewalls, and security systems.

  • Key control methods for database security include access control (user accounts and passwords), inference control (preventing inferred data breaches from summaries or queries), flow control (restricting data flow to authorized users), and data encryption.

Two Types of Database Security Mechanisms

  • Discretionary security mechanisms: Grant privileges to users for specific data access (read, write, delete). Access to files, records, or fields is controlled.

  • Mandatory security mechanisms: Classify both users and data into security classes. Access is granted by comparing the user's clearance level with the data's classification.

Database Security and the DBA

  • The Database Administrator (DBA) has ultimate authority for database administration. This includes a superuser or administrator account offering powerful capabilities.

  • DBA-privileged commands enable actions such as account creation, privilege granting, privilege revocation, and security level assignment.

Discretionary Access Control

  • Discretionary access control in database systems usually grants privileges either at the account level (independent of any particular relation) or on specific relations (tables).

  • Privileges granted at the relation level apply to an individual relation (base table) or view, and cover selecting, modifying, or referencing the data in it.

  • The owner of a table (relation) typically has all privileges regarding the relation. The owner can also allow others to have privileges or remove them.

Specifying Privileges Through the Use of Views

  • Owners of information can create views with specific attributes.

Revocation and Propagation of Privileges

  • Privileges can be revoked temporarily for specific tasks.

  • Privileges can be granted with or without a propagation option. If the propagation option is included, the recipient can then grant it to others.

Simple GRANT Syntax

  • A standard command for privileges and ownership is the GRANT command.

  • This command involves specifying the privileges, object type, user, and granting options.

Example: Granting/Revoking Privileges

  • Example scenarios demonstrate how different accounts can be granted specific privileges related to creating tables and accessing data within those tables (e.g., INSERT/DELETE privileges).
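The scenario above, worked through as an added example that is not part of the original lesson. It assumes accounts A1, A2 and A3 already exist, that A1 is the connected session, and that the DBMS accepts standard SQL GRANT/REVOKE syntax (the multi-table GRANT form is the one the lesson itself uses; PostgreSQL, for instance, accepts it). The table columns and the view name EMP_PUBLIC are assumptions.

```sql
-- Added example: discretionary access control with GRANT, views and REVOKE.
-- Assumed: accounts A1, A2, A3 exist; A1 runs these statements.
-- A1 owns the relations it creates, so it holds every privilege on them,
-- including the GRANT OPTION.
CREATE TABLE EMPLOYEE (
    Ssn     CHAR(9)        PRIMARY KEY,
    Name    VARCHAR(50)    NOT NULL,
    Salary  DECIMAL(10, 2),
    Dno     INT
);
CREATE TABLE DEPARTMENT (
    Dnumber INT          PRIMARY KEY,
    Dname   VARCHAR(50)  NOT NULL
);

-- Relation-level privileges: A2 may insert and delete tuples in both
-- relations and may propagate these privileges to other accounts.
GRANT INSERT, DELETE ON EMPLOYEE, DEPARTMENT TO A2 WITH GRANT OPTION;

-- Restricting access through a view: A3 can read only the non-sensitive
-- columns of EMPLOYEE; the Salary column is never visible to A3.
CREATE VIEW EMP_PUBLIC AS
    SELECT Name, Dno FROM EMPLOYEE;
GRANT SELECT ON EMP_PUBLIC TO A3;

-- REFERENCES lets A3 declare foreign keys that point at DEPARTMENT
-- without being able to read or change its rows.
GRANT REFERENCES (Dnumber) ON DEPARTMENT TO A3;

-- Revocation: take DELETE back from A2. CASCADE also withdraws any DELETE
-- privilege A2 had passed on to others (standard SQL; DBMSs vary on the
-- default when CASCADE is omitted).
REVOKE DELETE ON EMPLOYEE, DEPARTMENT FROM A2 CASCADE;
```

After the REVOKE, A2 retains INSERT (with GRANT OPTION) on both relations, A3 still sees only Name and Dno through EMP_PUBLIC, and any account that received DELETE from A2 loses it as well.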
