Security and Integrity: Database Systems Lecture 17 Natasha Alechina

Security and Integrity
Database Systems Lecture 17

Natasha Alechina
In This Lecture
• Database Security
• Aspects of security
• Access to databases
• Privileges and views
• Database Integrity
• View updating, Integrity constraints
• For more information
• Connolly and Begg chapters 6 and 19

Database Security
• Database security is • Many aspects to
about controlling consider for security
access to • Legal issues
information • Physical security
• Some information • OS/Network security
should be available • Security policies and
freely protocols
• Other information • Encryption and
should only be passwords
available to certain • DBMS security
people or groups

DBMS Security Support
• DBMS can provide • DBMS verifies
some security password and checks
• Each user has an a user’s permissions
account, username when they try to
and password • Retrieve data
• These are used to • Modify data
identify a user and
control their access to • Modify the database
information structure

Permissions and Privilege
• SQL uses privileges • The owner (creator)
to control access to of a database has all
privileges on all
tables and other objects in the
database objects database, and can
• SELECT privilege grant these to others
• INSERT privilege • The owner (creator)
• UPDATE privilege of an object has all
• DELETE privilege privileges on that
object and can pass
them on to others

Privileges in SQL
GRANT <privileges> • <users> is a list of user
ON <object> names or PUBLIC
TO <users>
• <object> is the name of
[WITH GRANT OPTION] a table or view (later)
• <privileges> is a list of
• WITH GRANT OPTION
SELECT <columns>, means that the users can
INSERT <columns>, pass their privileges on
DELETE, and to others
UPDATE <columns>, or
simply ALL

Privileges Examples
GRANT ALL ON Employee GRANT SELECT,
TO Manager UPDATE(Salary) ON
WITH GRANT OPTION Employee TO Finance
The user ‘Manager’ can do The user ‘Finance’ can view

anything to the Employee the entire Employee table,
table, and can allow other and can change Salary
users to do the same (by values, but cannot change
using GRANT statements) other values or pass on
their privilege

Removing Privileges
• If you want to • If a user has the
remove a privilege same privilege from
you have granted other users then
you use they keep it
• All privileges
REVOKE <privileges> dependent on the
ON <object> revoked one are also
FROM <users> revoked

Removing Privileges
• Example Admin
• ‘Admin’ grants ALL
privileges to ‘Manager’,
SELECT ALL
and SELECT to
‘Finance’ with grant
option Finance Manager
• ‘Manager’ grants ALL to
Personnel SELECT ALL
• ‘Finance’ grants
SELECT to Personnel
Personnel

Removing Privileges
• Manager’ revokes ALL
from ‘Personnel’ Admin
• ‘Personnel’ still has
SELECT privileges from SELECT ALL
‘Finance’
• ‘Admin’ revokes Finance Manager
SELECT from ‘Finance’
• Personnel loses SELECT SELECT ALL
also
Personnel

Views
• Privileges work at • Views provide
the level of tables ‘derived’ tables
• You can restrict • A view is the result of
access by column a SELECT statement
• You cannot restrict which is treated like a
access by row table
• Views, along with • You can SELECT from
(and sometimes
privileges, allow for UPDATE etc) views
customised access just like tables

Creating Views
CREATE VIEW <name> • Example
AS <select stmt> • We want each user to
be able to view the
names and phone
• <name> is the name numbers (only) of
of the new view those employees in
their own department
• <select stmt> is a
query that returns
the rows and
columns of the view

View Example
• Example
• We want each user to be able to view the names and
phone numbers (only) of those employees in their
own department
• In Oracle, you can refer to the current user as USER
Employee
ID Name Phone Department Salary
E158 Mark x6387 Accounts £15,000
E159 Mary x6387 Marketing £15,000
E160 Jane x6387 Marketing £15,000

View Example
CREATE VIEW OwnDept AS
SELECT Name, Phone FROM Employee
WHERE Department =
(SELECT Department FROM Employee
WHERE name = USER)
GRANT SELECT ON OwnDept TO PUBLIC

Using Views and Privileges
• Views and privileges
are used together to User 1 User 2 User 3
control access
• A view is made which
contains the
information needed External External
• Privileges are granted View 1 View 2
to that view, rather
than the underlying
tables Conceptual
DBA
View

View Updating
• Views are like virtual • Updating views
tables • Updates to the base
• Their value depends tables change the
on the ‘base’ tables views and vice-versa
that they are defined • It is often not clear
from how to change the
• You can select from base tables to make
views just like a table the desired change to
• What about update, the view
insert, and delete?

View Updating
• For a view to be updatable, the defining
query of the view should satisfy certain
conditions:
• Every element in SELECT is a column name
• Should not use DISTINCT
• View should be defined on a single table (no
join, union, etc. used in FROM)
• WHERE should not have nested SELECTs
• Should not use GROUP BY or HAVING

To restrict someone's
Employee
access to a table
• Create a view of that ID Name Salary Department
table that shows only
the information they • We want to let the
need to see user 'John' read the
• Grant them privileges department and
on the view name, and be able to
update the
• Revoke any privileges
department (only)
they have on the
original table

Create a view Set the privileges
CREATE VIEW forJohn GRANT SELECT,

AS SELECT Name,
UPDATE (Department)
Department
FROM Employee ON forJohn
TO John
REVOKE ALL ON
forJohn FROM John
Database Integrity
• Security vs Integrity • Integrity constraints
• Database security • Domain constraints
makes sure that the apply to data types
user is authorised to • Attribute constraints
access information apply to columns
• Database integrity • Relation constraints
makes sure that apply to rows in a
(authorised) users use single table
that information • Database constraints
correctly apply between tables

Domains and Attributes
• Domains constraints are • Attributes are
data types constrained by their
• SQL: CREATE DOMAIN domains
(not in Oracle)
CREATE TABLE
CREATE DOMAIN Rainbow (
Colour CHAR(15) Rorder Int,
CONSTRAINT checkCol Rcolour Colour)
CHECK
(VALUE IN
(‘RED’,‘Blue’…))

Assertions
• Provide a way to CREATE ASSERTION
give relation and <name>
database constraints CHECK (
• Give a boolean
condition that must
<condition>
always be true )
• No action is permitted • The condition can
that would make the refer to one or several
condition false tables
• Again, not supported • Often use EXISTS or
in Oracle NOT EXISTS

Relation Constraints
• To create a relation CREATE ASSERTION
constraint checkSalaryBonus
• We simply make an CHECK (
assertion that checks NOT EXISTS (
the constraint
SELECT *
• Example: in an
Employee table, no FROM EMPLOYEE
employee’s bonus WHERE (Bonus >
should be more than 0.15*Salary)
15% of their salary
)
)
Database Constraints
• Database constraints are similar but
refer to several tables
• Example: Given tables student and
enrolment, make sure no CS student takes
more than 12 modules
Student Enrolment
ID Name Department ID Code

Database Constraints
CREATE ASSERTION CSEnrolment CHECK
(NOT EXISTS (
SELECT * FROM Student AS S
WHERE S.Department = ‘CS’ AND
((SELECT COUNT(*) FROM
Enrolment AS E
WHERE S.ID = E.ID) > 12)))

Constraints in Oracle
• Oracle does not CONSTRAINT <name>
support domains or CHECK
assertions (<condition>)
• It does, however,
support row-level • This is less general
constraints using than an assertion
CHECK constraints since the condition
• These are declared refers to a single row
like other constraints of a single table

CHECK Example
• To add a check on the Employee table
to make sure no employee’s bonus is
more than 15% of their salary
ALTER TABLE Employee

ADD CONSTRAINT checkSalaryBonus
CHECK (Bonus < 0.15*Salary)

Next Lecture
• 'Modern' Databases
• Distributed DBs
• Web-based DBs
• XML and DBs
• Object Oriented DBs
• Multimedia DBs
• For more information
• Connolly and Begg chapters 22-28

Security and Integrity: Database Systems Lecture 17 Natasha Alechina

Uploaded by

Copyright:

Available Formats

You might also like

Security and Integrity: Database Systems Lecture 17 Natasha Alechina

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Security and Integrity: Database Systems Lecture 17 Natasha Alechina

Uploaded by

Copyright:

Available Formats

Security and Integrity

Database Systems Lecture 17