Database Management & Security Introduction PDF

Chat with Document Download

Document Details

FervidSiren1733

Uploaded by FervidSiren1733

جامعة العلوم الحديثة

Mr. Marwan Lardhi

Tags

database security database management SQL databases

Related

Summary

This document is an introduction to database management and security, covering topics from basic concepts to database challenges and security threats. Included are overviews of database software, such as SQL Server, and Structured Query Language (SQL).

Full Transcript

Database Management & Security Introduction Mr. Marwan Lardhi Introduction to Database The word data can include words, numbers, letters, and binary information such as images. The word base means foundation or place. A database is a place to put your data. A datab...

Database Management & Security Introduction Mr. Marwan Lardhi Introduction to Database The word data can include words, numbers, letters, and binary information such as images. The word base means foundation or place. A database is a place to put your data. A database is an organized collection of structured information, or data, typically stored electronically in a computer system. A database is usually controlled by a database management system (DBMS). 2 Database & a Spreadsheet Databases and spreadsheets (such as Microsoft Excel) are both convenient ways to store information. The primary differences between the two are: – How the data is stored and manipulated. – Who can access the data. – How much data can be stored. 3 Database & a Spreadsheet Spreadsheets – Originally created for single-user scenarios. – Ideal for users who need basic data manipulation. – Best for simple calculations and small datasets. Databases – Capable of handling massive amounts of organized information. – Supports simultaneous access by multiple users. – Enables intricate data manipulation through advanced query languages. – Built with robust security measures for data integrity and access control. 4 Types of Databases Relational databases Object-oriented databases Distributed databases Data warehouses NoSQL databases Graph databases Open source databases 5 Database Software Database software is used to create, edit, and maintain database files and records, enabling easier file and record creation, data entry, data editing, updating, and reporting. Also handles data storage, backup and reporting, multi-access control, and security. Database software is referred to as a “database management system” (DBMS) 6 DBMS Examples MySQL, Microsoft Access, Microsoft SQL Server, FileMaker Pro, Oracle, and dBASE. 7 Microsoft SQL Server Database Microsoft SQL Server (MS-SQL) is a relational database management system (RDBMS) developed by Microsoft. It's designed to manage and store data, allowing users to create, retrieve, update, and delete data efficiently. MS-SQL Components – Database Engine: Core service for data storage, processing, and security. – SQL Server Management Studio (SSMS): A graphical tool for managing SQL Server instances and databases. – SQL Server Agent: Automates tasks such as backups and job scheduling. 8 MS-SQL Server Database (Cont..) Editions Versions Enterprise Edition SQL Server 7 SQL Server 2000 Standard Edition SQL Server 2005 SQL Server 2008 Workgroup Edition SQL Server 2008 R2 Web Edition SQL Server 2012 SQL Server 2014 Developer Edition SQL Server 2016 Express Edition SQL Server 2017 SQL Server 2019 Compact Edition SQL Server 2022 9 Structured Query Language (SQL) SQL is a programming language used by nearly all relational databases to query, manipulate, and define data, and to provide access control. It consists: – Data Definition Language (DDL)  Create, Alter, Drop and Rename – Data Manipulation Language (DML)  Insert, Update, Delete and Select – Data Control Language (DCL)  Grant and Revoke 10 Database Challenges Handling big increases in data size. Keeping data safe. Meeting user needs. Looking after the database and its systems. Removing limits on growth or scalability. Making sure data residency, or latency requirements. 11 Database Security Database security: degree to which data is fully protected from tampering or unauthorized acts. Database Confidentiality, Integrity, and Availability (CIA components) – C: Protecting the information from disclosure to unauthorized parties. – I: Protecting information from being tampered by unauthorized parties. – A: Ensuring that authorized parties are able to access the information when needed. 12 Threats to Database Security 1. Granted excessive privileges and permissions, and privilege and permission abuse on database 2. Unauthorized privilege exploitation by hackers 3. SQL injection by hackers 4. Weak audit 5. Weak authentication 6. Database rootkits 7. Exposure of backup data 13 Database Security Protection Impose database security policies and regulations Database security practices – Access control – Auditing – Authentication – Encryption – Integrity controls Application design security Replication/synchronization and backups Intrusion detection for database rootkits, malicious code injection 14 Q&A What is a Database? What are the differences between database & Spreadsheet? Mention the types of database. What is CIA? What are common security threats to database systems? How can we protect the database? 15