1. Learning Objectives
2. Multiple choice, fill-in-the-blank and true/false questions (basic knowledge)
Database Security Overview
- Database security refers to protecting the database against data leakage, alteration or destruction caused by unlawful use.
- Factors that threaten database security: malicious access to and destruction of the database by unauthorized users, leakage of important or sensitive data held in the database, and a vulnerable security environment
- The security measures provided by a DBMS mainly include technologies such as user authentication, access control and views
- Other security technologies provided by a DBMS include audit logs, mandatory access control, encrypted data storage and encrypted transmission
- TCSEC standard: focus on levels C2 and B1
- CC standard
Database Security Controls
- User identification and authentication
-- Identification: composed of a user name and a user identification number (UID)
--Methods: static password authentication, dynamic password authentication, biometric authentication, smart card authentication
- Access control
-- Define users and permissions
Define a user: user name + password + permissions
CONNECT users can log in to the database, and can query and manipulate data only when they hold privileges on specific tables
RESOURCE users can additionally create tables (note: the above is Oracle; in SQL, RESOURCE includes CONNECT)
Create a user:
CREATE USER user_name IDENTIFIED BY password;
Composition of a user privilege: data object + operation type
-- Legality check of permissions
-- Commonly used access control methods
※ Discretionary access control (DAC), level C2: a user has different access rights to different data objects, and different users have different rights to the same object (be familiar with the GRANT and REVOKE syntax in this part)
Who may issue a GRANT: the DBA, the object owner, or a user who already holds the privilege
Who may be granted: one or more specific users, or all users (PUBLIC)
WITH GRANT OPTION: the grantee may pass the privilege on to others, but circular grants are not allowed
GRANT privilege[, privilege]... ON TABLE table_name TO user[, user]... [WITH GRANT OPTION];
(TO comes at the end; sometimes I get the order of ON and TO reversed)
GRANT SELECT ON TABLE student TO USER1;
GRANT ALL ON TABLE student TO U1,U2;
GRANT SELECT ON TABLE SC TO PUBLIC;
GRANT UPDATE(Sno),SELECT ON TABLE student TO U4;
REVOKE privilege[, privilege]... ON TABLE table_name FROM user[, user]... [CASCADE|RESTRICT];
REVOKE SELECT,UPDATE,INSERT ON TABLE student FROM USER;
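The grant-chain behaviour described above (WITH GRANT OPTION, and REVOKE with CASCADE or RESTRICT), as an added Python model that is not part of these notes or of any DBMS; the Grant and PrivilegeStore classes are hypothetical, and circular grants are assumed not to occur.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Grant:
    grantor: str        # who issued the GRANT
    grantee: str        # who received the privilege
    privilege: str      # e.g. "SELECT"
    obj: str            # e.g. "student"
    grant_option: bool  # granted WITH GRANT OPTION?

@dataclass
class PrivilegeStore:
    owners: dict                     # obj -> owner; an owner holds every privilege implicitly
    grants: list = field(default_factory=list)

    def _can_grant(self, user, privilege, obj):
        # Only the owner or a holder of the privilege WITH GRANT OPTION may pass it on
        return self.owners.get(obj) == user or any(
            g.grantee == user and g.privilege == privilege and g.obj == obj
            and g.grant_option for g in self.grants)

    def has(self, user, privilege, obj):
        return self._can_grant(user, privilege, obj) or any(
            g.grantee == user and g.privilege == privilege and g.obj == obj
            for g in self.grants)

    def grant(self, grantor, grantee, privilege, obj, grant_option=False):
        """GRANT privilege ON obj TO grantee [WITH GRANT OPTION]"""
        if not self._can_grant(grantor, privilege, obj):
            raise PermissionError(f"{grantor} may not grant {privilege} on {obj}")
        self.grants.append(Grant(grantor, grantee, privilege, obj, grant_option))

    def revoke(self, revoker, grantee, privilege, obj, cascade=False):
        """REVOKE privilege ON obj FROM grantee [CASCADE|RESTRICT]; RESTRICT is the default"""
        direct = [g for g in self.grants if g.grantor == revoker and g.grantee == grantee
                  and g.privilege == privilege and g.obj == obj]
        if not direct:
            raise PermissionError(f"{revoker} never granted {privilege} on {obj} to {grantee}")
        for g in direct:
            self.grants.remove(g)
        # Grants the grantee passed on that are no longer backed by a grant option of theirs
        orphans = [g for g in self.grants if g.grantor == grantee and g.privilege == privilege
                   and g.obj == obj and not self._can_grant(grantee, privilege, obj)]
        if orphans and not cascade:
            self.grants.extend(direct)   # RESTRICT: put the grant back and refuse
            raise PermissionError("RESTRICT: dependent grants exist, use CASCADE")
        for downstream in {g.grantee for g in orphans}:   # CASCADE: revoke down the chain
            self.revoke(grantee, downstream, privilege, obj, cascade=True)
```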
ROLE (database role): a named set of privileges
CREATE ROLE role_name;
Give the role privileges:
GRANT SELECT ... ON TABLE table_name TO role_name; (same syntax as above)
Grant the role to users:
GRANT role_name TO user [WITH ADMIN OPTION];
Take back some privileges from a role:
REVOKE UPDATE ON TABLE table_name FROM role_name;
Delete a role:
DROP ROLE role_name;
View privileges (Oracle data dictionary views, queried with SELECT * FROM view_name):
01. USER_COL_PRIVS_RECD: column-level privileges you have been granted
02. USER_ROLE_PRIVS: roles you have been granted
03. USER_TAB_PRIVS_MADE: table-level privileges granted by you
04. USER_TAB_PRIVS_RECD: table-level privileges you have been granted
05. USER_COL_PRIVS_MADE: column-level privileges granted by you
※ Mandatory access control (MAC), level B1: each data object is labelled with a security level and each user is granted a clearance level; however the data is copied, the label and the data remain inseparable as a whole
- Subject and object
- Sensitivity labels: Top Secret (TS), Secret (S), Confidential (C), Public (P)
- Clearance level: the sensitivity of the subject
- Classification level: the sensitivity of the object
- Access rules of mandatory access control (important!):
(1) A subject can read an object only when the subject's clearance level is greater than or equal to the object's classification level;
(2) A subject can write an object only when the subject's clearance level is less than or equal to the object's classification level.
View mechanism
Use a view to hide the parts of a table that the user should not see, then grant the user operation privileges on the view instead of the base table
Audit
- Audit: enable a dedicated audit log that records all user operations on the database
- Disadvantage: costs time and space
- The DBA can flexibly turn the audit function on or off
- Audit events
- Audit function
AUDIT: set up auditing
AUDIT ALTER,UPDATE ON TABLE_NAME; audits the ALTER and UPDATE operations on a table
NOAUDIT: cancel auditing
NOAUDIT ALTER,UPDATE ON TABLE_NAME;
- User-level auditing: set by users themselves, for their own tables and views
- System-level auditing: set by the DBA
Data encryption
- Encryption methods: storage encryption and transmission encryption
- Storage encryption:
Transparent storage encryption: kernel-level encryption protection, completely transparent to users, with good performance and high security completeness
Non-transparent storage encryption: implemented through multiple encryption functions
- Transmission encryption:
Link encryption
End-to-end encryption
Other security protections
Inference control, covert channels, data privacy protection