Professional Documents
Culture Documents
DBSEC
DBSEC
Information Security
Not disclosed to inappropriate entities or processes.
– CONFIDENTIALITY
Authentication / Non-repudiation
Fabrication / Disown
4
Database Security
Authentication (Password, Pin, OTP)
Authorisation (Permission)
Access Control -- Discretionary Access Control
--- Mandatory Access Control
--- Roll Based Access Control
Intrusion Detection
Intrusion Prevention
Key Management Techniques
Cryptography
Basic Security Concepts: Users
Tables.
Views.
Stored Procedures (SQL SERVER).
ORACLE( Procedures, Functions and
Triggers).
Every user can be granted different privileges
on each database object.
Basic Security Concepts: Roles
Intrusion Prevention.
Anomaly Prevention System.
Misuse Prevention System.
Hybrid Intrusion Prevention System.
Attacks
DoS
Database Auditing
Auditing.
Statement-level, Privilege-level and
Object-level auditing.
Why Object-level Auditing?
Audit Record