Database Security and Query Processing PDF
Document Details
Uploaded by EfficientMountRushmore
Tags
Summary
This document discusses database security measures and query processing techniques. Topics covered include static indexing, parsing, optimization, and evaluation. It also explores various protection techniques, such as encryption and backup strategies.
Full Transcript
Static Index - Used to retrieve/find data much faster by reducing comparisons. -Also, it does not change frequently Benefits: 1. Optimizes query performance 2. Reduces time to retrieve data 3. Reduces number of rows. 4. Organized like a B-tree Unindexed datab...
Static Index - Used to retrieve/find data much faster by reducing comparisons. -Also, it does not change frequently Benefits: 1. Optimizes query performance 2. Reduces time to retrieve data 3. Reduces number of rows. 4. Organized like a B-tree Unindexed database - Checks row one by one (full table scan) 1. Not for large datasets 2. All items needed to be checked https://quizgecko.com/create?upload_id=628928&mode=questions&quiz_id=1023555 Query Processing - Processing from high query to low query. (Parsing, Validating and optimizing) Parsing: 1. Syntax check 2. Semantic check - Checks if the statements work or functionable. 3. Shared Pool check - Checks a written hash code, will not go further if it already existed. Parse Tree - A tree like grammatical structure. Features of Parse Tree: 1. Hierarchical Structure 2. Grammar Representation Purposes of Parse Tree: 1. Syntax Validation - Verifies the syntax 2. Structure Visualization - Provides a visualization of the query's structure. TRANSLATION, OPTIMIZATION AND EVALUATION Translation - Converts from a high level query to intermediate SQL Query (Relational Algebra Form) Optimization - Finds the most efficient way to execute the query. 1. Heuristic Optimization - Rewrites the query based on pre defined rules 2. Cost-Based Optimization - Cost of resources (eg. CPU usage, ram usage, disk usage, etc) Evaluation - Executes the SQL query that is provided by the operations and finally gives the result. (JOIN, WHERE, SELECT, ORDER BY, etc.) DBMS Security - Protects databases from any unintentional outcomes. - Maintains Confidentiality, Integrity and Availability. Key Components: 1. Authentication - Verifies 2. Authorization - Grants permissions 3. Encryption - Protects data 4. Auditing - Tracking, logging and history. Data Security - Protects the digital data from unwanted actions from entities. *It is important to secure your data to avoid any disruption and unauthorize access. How to secure your data properly? 1. Encryption - Converting into code to prevent access 2. Regular Data Backups - Stored in secured locations for future purposes. 3. Firewall and intrusions detection systems - Monitors and filters the network traffic. Data Service Providers: 1. Microsoft Azure Security 2. Oracle Cloud Infrastructure Security 3. Cisco Systems 4. Fortinet Advantages of Data Security 1. Protection from cyber attacks - Helps defend against malware, ransomware, phishing and hacking. 2. Prevention of data loss - Prevents any valuable data from permanent loss with the help of backup. 3. Avoidance of Financial losses- Prevents fraud, theft and ransomware. 4. Improved data management - Data security frameworks provides better track and classify specific data. What happens if you don't secure your data properly? 1. Business Disruption - Data corruption and data loss can affect the business operation. 2. Identity Theft - If not secured, unauthentication access can occur. 3. Ransomware Attacks - A ransom exchange made by hackers that can lock your data. Common DB security threats 1. SQL injection attacks - Malicious queries that may manipulate operations 2. Insider Threats - Unauthorized Access 3. Malware and ransomware - Viruses or software that can lock your data 4. Data leakage - Exposure of data. Security Measures for DBMS 1. Firewalls and Network Security - Protects from unauthorized access 2. Data Encryption - Hides/encrypts the data to protect any data theft. 3. Role Based Access Control - Assign specific roles 4. Regular Patching and Updates - Updates and fix vulnerabilities. 5. Backup Recovery - Prevents data loss. Encryption in Database Security 1. Symmetric Encryption - Same key for encryption and decryption 2. Asymmetric Encryption - A public key for encryption and private key for decryption Auditing and Monitoring 1. Database Auditing - Logs the access attempts and data changes 2. Monitoring tools - Tracking activities. Backup and recovery strategies 1. Full backups - Complete copy of database 2. Incremental Backups - Changes when it was last updated
