Database and Data Mining Security

1
Database and Data Mining Security

• Xian Long

2
Introduction

• Databases are essential to many business and
  government organizations.
• Protecting data is at the heart of many secure
  systems.
• There are more security concerns for which there
  are not available controls.

3
Requirements for database security

• Physical database integrity (Power failure).
• Logical database integrity (modification to the
  value of one field does not affect other fields).
• Element integrity.
• Auditability (track who or what has accessed).
• Access control (user is allowed to access
  authorized data).
• User authentication (DBMS require rigorous user
  authentication).
• Availability.

4
Requirements for database security (con)
--- Integrity of the database

• Two situations can affect the integrity of a
  database
• The whole database is damaged .
• Individual data items are unreadable
• One way of protecting database as a whole
  Regularly back up all files on the system.

5
Requirements for database security (con) ---
Element Integrity of database

• The integrity of database elements is their
  correctness or accuracy.
• How to make the database elements correct?
• 1.Authorized users enter correct data into
  databases.
• 2.DBMS take Three ways to correct to catch
  errors of database elements
• DBMS apply field checks.
• Access control.
• Maintaining a change log for the database.

6
Reliability and integrity

• Database concerns about reliability and integrity
  can be viewed from three dimensions
• Database integrity.
• Element integrity.
• Element accuracy

7
Reliability and integrity (con)

• The operating system provide basic security for
  databases. The DB manager perform two-phase to
  enhance the computing system.
• 1.Intent phase
• DBMS does everything to prepare for the
  update. But it makes no changes to the database.
• 2. Committing
• Involves the writing of a commit flag to a
  database. This phase makes the permanent changes.

8
Sensitive data

• What are sensitive data?
• Sensitive data are data that should not be
  made public, such as defense-related ones.
• Factors of Access decisions
• 1. Availability of data.
• 2. Acceptability of access.
• 3. Assurance of authenticity.

9
Inference of the database

• Three ways of the inference
• Direct attack
• Indirect attack
• Linear system vulnerability-----use typical
  operators or logical rules to derive values from
  a series of logical expressions.
• Two ways to Control statistical inference
  attacks
• Controls are applied to the queries.
• Controls are applied to individual items within
  the database.

10
Proposals for multilevel security

• Separation is necessary to limit access.
• Partitioning.
• Encryption
• Integrity lock.
• Sensitive lock.
• Design of multilevel security
• Integrity lock.
• Trusted Frond End.
• Commutative filters.
• Distributed database.
• Window/View.

11
Data mining

• What are data mining?
• Data mining are the great repositories of
  data. Many data are being collected and saved in
  some storages.
• The characteristics of data mining
• Privacy and Sensitivity.
• Data correctness and integrity.
• How to keep the data mining correct ?
• 1.Correcting mistakes in data.
• 2. Using comparable data.
• Eliminating False Matches.