(1) dramatic imbalance between the complexity of modern DBMS and security techniques; (2) SQL is very complex: a full understanding is needed to have proper security; (3) limited staff; (4) heterogeneous mixture of database platforms
structured collection of data stored for use by one or more applications
database management system
software system that facilitates the creation, maintenance and use of an electronic database
special purpose programming language designed for managing data held in a RDBMS
basic building block of a relational database
relation consisting of tuples and attributes
What does a query language use?
defined to be a portion of a row used to uniquely identify a row in the table
used to create a relationship between two tables.
virtual table. result of a query that returns selected rows and columns from one or more tables
What is a view often used for?
security purposes. Can provide restricted access to a relational database so that the user or application only has access to certain rows/columns
A small number of privileged users may grant and revoke access rights
The owner (creator) of a table may grant and revoke access rights to the table
In addition to granting and revoking access rights to a table, the owner of the table may grant and revoke authorization rights to other users, allowing them to grant and revoke access rights to the table
Users may grant other users access rights to the database. The new users may pass on the access rights to other users and so on.
Role-Based Access Control
permissions are associated with roles, and users are assigned to appropriate roles.
RBAC Application Owner
An end user who owns database objects (tables, columns, rows) as part of an application. That is, the database objects are generated by the application or are prepared for use by the application
RBAC End User
Operates on database objects via a particular application but does not own any of the database objects
User who has administrative responsibility for part or all of the database
Fixed Server Roles
Defined at server level. Roles have different permissions and are intended to provide the ability to spread administrative responsibilities without giving out complete control
Fixed Database Roles
Operate at the level of an individual database. Can provide the DBA with a way to delegate administrative responsibilities or grant blanket permissions to an end user
performing authorized queries to deduce unauthorized information from the legitimate responses received
refers to knowledge about correlations and dependencies among data items that can be used to deduce information not otherwise available to a particular user
Information transfer path by which unauthorized data is obtained
Inference Techniques Used to Derive Information
analyzing functional dependencies between attributes within a table or across tables and merging views with the same constraints
Countermeasures Against Inference
Inference detection during database design and inference detection at query time
Inference Detection During Database Design
alters the database structure or changes the access control regime to prevent inference.
Inference Detection at Query Time
seeks to eliminate an inference channel violation during a query or series of queries
Statistical Database SDB
one that provides data of a statistical nature, such as counts and averages.
Pure Statistical Database
Only stores statistical data
Ordinary Database with Statistical Access
Contains individual entries. Supports a population of nonstatistical users who are allowed access to selected portions of the database using discretionary access control (DAC), role-based access control (RBAC), or mandatory access control (MAC)
Countermeasures to inference attacks
Query restriction and Perturbation
Rejects a query that can lead to a compromise. The answers provided are accurate.
Provides answers to all queries, but answers are approximate
Types of Query Restriction
Query size restriction, query set overlap control, partitioning, query denial and information leakage
Query Size Restriction
For a database of size N, the query must return a result that is larger than k and smaller than N-k
Query Size Restriction Weaknesses
using a tracker (combination of parts that can track down the characteristics of an individual)
Query Set Overlap Control
Suppresses the responses from queries that have more than a predetermined number of records in common with each prior query.
Query Set Overlap Control Weaknesses
cooperation of several users, can limit the usefulness of the database, each user's profile has to be kept up to date
no partially overlapping queries.
Query Denial and Information Leakage
attacker can infer information by which queries are denied and which are allowed.
Can be used to solve query leakage by monitoring a given user's queries and accepting or rejecting a query based on the history.
Data can be modified so as to produce statistics that cannot be used to infer values for individual records
When a statistical query is made, the system can generate statistics that are modified from those that the original database would provide
Data Perturbation Techniques
data swapping (Attribute values are exchanged between records) and generating a modified database using the estimated underlying probability distribution of attribute values.
Output Perturbation Techniques
Disadvantages of Encryption on a Database
Key management (providing secure keys to selected parts of the database to authorized users and applications is a complex task) and inflexibility (record searching becomes harder)
At what levels can encryption be applied in a database?
record level, attribute level, or the level of the individual field
An organization that produces data to be made available for controlled release, either within the organization or to external users
Human entity that presents requests to the system. The user could be an employee of the organization who is granted access to the database via the server, or a user external to the organization who (after authentication) is granted access
frontend that transforms user queries into queries on the encrypted data stored on the server
An organization that receives the encrypted data from a data owner and makes it available for distribution to clients
What is the characteristic formula?
logical formula over the values of attributes using the operators OR, AND, NOT