Security - PowerPoint PPT Presentation

About This Presentation
Title: Security

Description: Chapter 19 Security – PowerPoint PPT presentation

Slides: 18
Provided by: csus178
Learn more at: https://www.csus.edu

Transcript and Presenter's Notes

Title: Security


1
Chapter 19
  • Security

2
Agenda
  • Database Security
  • Countermeasures
    • Computer-based
    • Non-computer-based
  • Challenges over the Internet
  • Firewall
  • Web security

3
Database Security
  • Definition
    • The mechanisms that protect the database against intentional or
      accidental threats
  • Threats (by the area they affect)
    • Hardware
    • Software
    • Communication network
    • Database
    • Individuals (user, programmer, operator, administrator, and outsider)
  • Consequences
    • Loss of confidentiality
    • Loss of privacy
    • Loss of integrity
    • Loss of availability

4
Countermeasures
  • Computer-based controls
  • Non-computer-based controls

5
Computer-based Controls - 1
  • Authorization and authentication
    • Password and account number
  • Discretionary access control (GRANT and REVOKE)
  • Mandatory access control (object, security class, and clearance)
  • Views (virtual tables that expose only selected rows and columns of the
    underlying tables)

6
Computer-based Controls - 2
  • Logs or journaling
    • Transaction log
    • Violation log
    • Checkpoints
  • Integrity constraints
    • Domain
    • Enterprise
    • Entity
    • Referential
  • Backup and recovery (RAID adds disk redundancy but does not replace
    backups: it offers no protection against deletion or corruption)
  • Audit
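
The four kinds of integrity constraint above, as an added example that is not from the slides. The schema and the business rule it enforces (managers earn at least 20000) are invented for illustration. It also shows two SQLite defaults a practitioner must check: foreign keys are not enforced until `PRAGMA foreign_keys = ON` is issued on the connection, and a non-INTEGER PRIMARY KEY column accepts NULL unless it is also declared NOT NULL.

```python
"""Domain, entity, referential and enterprise integrity constraints (SQLite).

Added example, not from the slides. The schema and business rule (managers
earn at least 20000) are invented for illustration. Two SQLite defaults are
flagged in the comments: foreign keys are OFF until PRAGMA foreign_keys = ON
is run on the connection, and a non-INTEGER PRIMARY KEY column accepts NULL
unless it is also declared NOT NULL.
"""
import sqlite3

SCHEMA = """
CREATE TABLE branch (
    branch_no TEXT PRIMARY KEY NOT NULL,                    -- entity integrity (NOT NULL needed in SQLite)
    city      TEXT NOT NULL
);
CREATE TABLE staff (
    staff_no  TEXT PRIMARY KEY NOT NULL,                    -- entity integrity
    name      TEXT NOT NULL,
    position  TEXT NOT NULL
              CHECK (position IN ('Manager', 'Assistant')), -- domain constraint
    salary    REAL NOT NULL CHECK (salary >= 0),            -- domain constraint
    branch_no TEXT NOT NULL REFERENCES branch (branch_no),  -- referential integrity
    CHECK (position <> 'Manager' OR salary >= 20000)        -- enterprise constraint (invented rule)
);
INSERT INTO branch VALUES ('B001', 'London');
"""

# Constructed statements (not from the slides), each aimed at one constraint.
ATTEMPTS = {
    "valid":             "INSERT INTO staff VALUES ('S001', 'Ada Example', 'Manager', 30000, 'B001')",
    "negative_salary":   "INSERT INTO staff VALUES ('S002', 'Bob Example', 'Assistant', -1, 'B001')",
    "unknown_position":  "INSERT INTO staff VALUES ('S003', 'Cy Example', 'Director', 15000, 'B001')",
    "underpaid_manager": "INSERT INTO staff VALUES ('S004', 'Dee Example', 'Manager', 15000, 'B001')",
    "null_key":          "INSERT INTO staff VALUES (NULL, 'Eve Example', 'Assistant', 15000, 'B001')",
    "orphan_branch":     "INSERT INTO staff VALUES ('S005', 'Fay Example', 'Assistant', 15000, 'B999')",
    "delete_parent":     "DELETE FROM branch WHERE branch_no = 'B001'",
}


def attempt(conn, sql):
    """Run one statement; report whether the DBMS accepted or rejected it."""
    try:
        conn.execute(sql)
        conn.commit()
        return "ok"
    except sqlite3.IntegrityError:
        return "rejected"


def run_attempts(enforce_foreign_keys: bool) -> dict:
    conn = sqlite3.connect(":memory:")
    # Per connection and OFF by default; must be issued outside a transaction.
    # With it OFF the two referential cases below are silently accepted.
    conn.execute("PRAGMA foreign_keys = %s" % ("ON" if enforce_foreign_keys else "OFF"))
    conn.executescript(SCHEMA)
    return {name: attempt(conn, sql) for name, sql in ATTEMPTS.items()}


if __name__ == "__main__":
    for mode in (True, False):
        print("foreign_keys", "ON" if mode else "OFF")
        for name, outcome in run_attempts(mode).items():
            print(f"  {name:18s} {outcome}")
```

Run it with the pragma OFF and the orphan row and the deletion of a referenced branch both succeed; the schema looks identical either way, so this is a setting to verify on every connection, not something to infer from the DDL.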

7
Computer-based Controls - 3
  • Encryption or cryptosystem
    • Encryption key
    • Encryption algorithm
    • Decryption key
    • Decryption algorithm
  • Symmetric encryption, e.g. Data Encryption Standard (DES; its 56-bit key
    has long been brute-forceable and AES has replaced it)
  • Asymmetric encryption, e.g. RSA

8
Example of Encryption - I
  • Divide the text into groups of 8 characters. Pad with blanks at the end
    as necessary
  • Select an 8-character key
  • Rearrange the text by interchanging adjacent characters
  • Translate each character into an ordinal number, with blank as 0, A as 1,
    B as 2, and so on up to Z as 26
  • Add the ordinal number of the corresponding key character to each result
  • Divide the total by 27 and retain the remainder
  • Translate the remainder back into a character to yield the cipher text

9
Example of Encryption - II
  • Message: DATA COM    Key: PROTOCOL    (_ marks a blank)
  • Adjacent characters interchanged:   A  D  A  T  C  _  M  O
  • Ordinal numbers of the text:        01 04 01 20 03 00 13 15
  • Ordinal numbers of the key:         16 18 15 20 15 03 15 12
  • Sum:                                17 22 16 40 18 03 28 27
  • Remainder after dividing by 27:     17 22 16 13 18 03 01 00
  • Cipher text:                        Q  V  P  M  R  C  A  _

10
Example of Decryption - I
  • Divide the cipher text into groups of eight characters. Pad with blanks
    at the end as necessary
  • Translate each cipher text character and each key character into an
    ordinal number
  • For each group, subtract the ordinal number of the key character from the
    ordinal number of the cipher text character
  • Add 27 to any negative number
  • Translate the numbers back into their alphabetic equivalents
  • Rearrange the text by interchanging adjacent characters

11
Example of Decryption - II
  • Cipher text:                        Q  V  P  M  R  C  A  _   (_ marks a blank)
  • Ordinal numbers of the cipher text: 17 22 16 13 18 03 01 00
  • Ordinal numbers of the key:         16 18 15 20 15 03 15 12
  • Difference (cipher text minus key): 01 04 01 -7 03 00 -14 -12
  • Add 27 to the negative numbers:     01 04 01 20 03 00 13 15
  • Alphabetic equivalents:             A  D  A  T  C  _  M  O
  • Adjacent characters interchanged:   D  A  T  A  _  C  O  M
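
The encryption and decryption procedures of the four preceding slides as running code, an added example that is not from the slides. `encrypt()` and `decrypt()` follow the slides' steps exactly and reproduce the DATA COM / PROTOCOL walkthrough; `recover_key()` goes beyond the slides and is the reason the scheme is a teaching device only: because each cipher character is just the swapped plaintext character plus the key character modulo 27, one known 8-character block gives back the whole key, and the key repeats for every later block.

```python
"""The slides' substitution cipher (slides 8-11) as code, plus the
known-plaintext attack it falls to.

Added example, not code from the slides. encrypt()/decrypt() follow the
slides' steps exactly; recover_key() is additional and shows why the scheme
is only a teaching device: one known plaintext block yields the whole key.
"""

ALPHABET = " ABCDEFGHIJKLMNOPQRSTUVWXYZ"  # blank = 0, A = 1, ..., Z = 26
MOD = len(ALPHABET)                        # 27, as in the slides
BLOCK = 8                                  # group size and key length


def _ordinals(chars):
    """Map characters to the slides' ordinal numbers. Characters outside the
    27-symbol alphabet raise ValueError: the scheme has no code for them."""
    return [ALPHABET.index(c.upper()) for c in chars]


def _swap_adjacent(chars):
    """Interchange characters 1<->2, 3<->4, ... (the operation is its own inverse)."""
    out = list(chars)
    for i in range(0, len(out) - 1, 2):
        out[i], out[i + 1] = out[i + 1], out[i]
    return out


def _pad(text):
    """Pad with blanks to a multiple of BLOCK."""
    return text + " " * (-len(text) % BLOCK)


def encrypt(message, key):
    if len(key) != BLOCK:
        raise ValueError("key must be exactly %d characters" % BLOCK)
    k = _ordinals(key)
    padded = _pad(message)
    out = []
    for start in range(0, len(padded), BLOCK):
        group = _swap_adjacent(padded[start:start + BLOCK])
        # add the key ordinal, divide by 27, keep the remainder
        out.extend(ALPHABET[(p + kk) % MOD] for p, kk in zip(_ordinals(group), k))
    return "".join(out)


def decrypt(cipher, key):
    if len(cipher) % BLOCK:
        raise ValueError("cipher text length must be a multiple of %d" % BLOCK)
    k = _ordinals(key)
    out = []
    for start in range(0, len(cipher), BLOCK):
        diffs = [c - kk for c, kk in zip(_ordinals(cipher[start:start + BLOCK]), k)]
        # "% MOD" is the slides' "add 27 to any negative number"
        out.extend(_swap_adjacent(ALPHABET[d % MOD] for d in diffs))
    # Trailing blanks added as padding cannot be told apart from real ones.
    return "".join(out)


def recover_key(known_plain, cipher):
    """Known-plaintext attack. Position by position c = swap(p) + k (mod 27),
    so k = c - swap(p) (mod 27). One block of known plaintext exposes the
    entire key, which then decrypts every other block."""
    p = _ordinals(_swap_adjacent(_pad(known_plain)[:BLOCK]))
    c = _ordinals(cipher[:BLOCK])
    return "".join(ALPHABET[(cc - pp) % MOD] for cc, pp in zip(c, p))


if __name__ == "__main__":
    ct = encrypt("DATA COM", "PROTOCOL")
    print(repr(ct), repr(decrypt(ct, "PROTOCOL")), recover_key("DATA COM", ct))
```

The adjacent-character swap adds nothing against this attack (it is public and its own inverse), and even without known plaintext the repeating 8-character key reduces the cipher to eight independent shift ciphers, each open to frequency analysis. Real systems use the ciphers named on the previous slide, not this construction.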

12
Non-Computer-based Controls
  • Security policy
  • Contingency plan
    • People to contact, phone numbers, procedures
    • Standby site (cold, warm, or hot)
  • Personnel controls
    • References
    • Termination procedures
    • Training
    • Balance (separation) of duties
  • Escrow and maintenance agreements
  • Physical access controls

13
Challenges over the Internet
  • Privacy
  • Integrity
  • Authenticity
  • Non-fabrication
  • Non-repudiation

14
Firewall
  • Definition
    • A system that prevents unauthorized access to or from a private network
  • Types
    • Packet filter (difficult to configure; decides on header fields such as
      the source address, which can be forged, so it is subject to IP spoofing)
    • Application gateway (degrades performance)
    • Circuit-level gateway (applies controls when a TCP or UDP connection is
      established)
    • Proxy server (intercepts traffic for filtering; caching can improve
      performance)
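
The packet-filter weakness named above, as an added example that is not from the slides. The addresses, interfaces and rule sets are invented for illustration. It contrasts a rule set that trusts whatever source address a packet claims with one that first applies an interface-aware anti-spoofing rule (ingress filtering in the sense of RFC 2827): an internal source address arriving on the external interface can only be forged.

```python
"""Stateless packet filtering and the IP-spoofing weakness the slide names.

Added example, not from the slides. Addresses, interfaces and rules are
invented. NAIVE trusts the claimed source address; HARDENED first drops
internal source addresses that arrive on the external interface.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

INTERNAL = "10.0.0.0/8"   # assumed internal address space behind the firewall


@dataclass(frozen=True)
class Packet:
    iface: str    # interface of arrival: "ext" (Internet side) or "int" (LAN side)
    src: str
    dst: str
    proto: str    # "tcp" or "udp"
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    iface: Optional[str] = None  # None matches any interface
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return ((self.iface is None or self.iface == p.iface)
                and ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.proto is None or self.proto == p.proto)
                and (self.dport is None or self.dport == p.dport))


def filter_packet(rules: List[Rule], p: Packet) -> str:
    """First matching rule decides; anything unmatched is dropped (default deny)."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "deny"


# Naive: "our own hosts may do anything", judged only by the claimed source.
NAIVE = [
    Rule("allow", src=INTERNAL),
    Rule("allow", iface="ext", dst="10.0.0.80/32", proto="tcp", dport=443),
]

# Hardened: an internal source address on the external interface is forged by
# definition, so drop it before any rule that trusts internal sources.
HARDENED = [
    Rule("deny", iface="ext", src=INTERNAL),
    Rule("allow", iface="int", src=INTERNAL),
    Rule("allow", iface="ext", dst="10.0.0.80/32", proto="tcp", dport=443),
]

# Constructed sample traffic (not a capture).
TRAFFIC = {
    "legit_https":  Packet("ext", "198.51.100.7", "10.0.0.80", "tcp", 443),
    "spoofed_ssh":  Packet("ext", "10.0.0.5", "10.0.0.9", "tcp", 22),  # forged internal source
    "outside_ssh":  Packet("ext", "198.51.100.7", "10.0.0.9", "tcp", 22),
    "lan_outbound": Packet("int", "10.0.0.5", "203.0.113.1", "tcp", 443),
}


def evaluate(rules: List[Rule]) -> dict:
    return {name: filter_packet(rules, pkt) for name, pkt in TRAFFIC.items()}


if __name__ == "__main__":
    for label, rules in (("naive", NAIVE), ("hardened", HARDENED)):
        print(label, evaluate(rules))
```

The two rule sets allow and deny the same legitimate traffic; they differ only on the forged packet, which is exactly why the naive configuration looks correct in testing. The fix is not a better source-address check (the address is attacker-controlled) but tying trust to the interface the packet physically arrived on.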

15
Web Security
  • Digital signatures and certification authorities (CAs)
  • Message digest algorithms and digital signatures
  • Kerberos: centralized security server (similar in function to a
    certificate server)
  • Secure Sockets Layer (SSL) protects the whole connection; Secure HTTP
    (S-HTTP) protects individual messages (SSL has since been superseded by TLS)
  • Secure Electronic Transaction (SET) for credit card payments; Secure
    Transaction Technology (STT) for bank payments

16
Points to Remember
  • Database Security
  • Countermeasures
    • Computer-based
    • Non-computer-based
  • Challenges over the Internet
  • Firewall
  • Web security

17
Assignment
  • Review chapters 5-6, 11-19
  • Read chapter 20
  • Exam 3
  • Date
  • Project
  • Normalization and Corrected EER diagram due date
  • SQL, corrected normalization, and EER diagram due
    date