Control Measures

Four main control measures are used to provide security of data in databases:

  ? Access control

  ? Inference control

  ? Flow control

Topics You May Be Interested In
Subclasses, Superclasses, And Inheritance Relational Query Languages
Specialization And Generalization Basic Structure Of Sql Queries
Purpose Of Database Systems Additional Basic Operations-the Rename Operation
Database Security Weak Entity Types
Introduction To Database Security Issues Null Values

  ? Data encryption

A security problem common to computer systems is that of preventing unauthorized persons from accessing the system itself, either to obtain information or to make malicious changes in a portion of the database. The security mechanism of a DBMS must include provisions for restricting access to the database system as a whole. This function, called access control, is handled by creating user accounts and passwords to control the login process by the DBMS. We discuss access control techniques in Section 24.1.3.

Statistical databases are used to provide statistical information or summaries of values based on various criteria. For example, a database for population statistics 838 Chapter 24 Database Security may provide statistics based on age groups, income levels, household size, education levels, and other criteria. Statistical database users such as government statisticians or market research firms are allowed to access the database to retrieve statistical information about a population but not to access the detailed confidential information about specific individuals. Security for statistical databases must ensure that information about individuals cannot be accessed. It is sometimes possible to deduce or infer certain facts concerning individuals from queries that involve only summary statistics on groups; consequently, this must not be permitted either. This problem, called statistical database security, is discussed briefly in Section 24.4. The corresponding control measures are called inference control measures.

Another security issue is that of flow control, which prevents information from flowing in such a way that it reaches unauthorized users. It is discussed in Section 24.6. Channels that are pathways for information to flow implicitly in ways that violate the security policy of an organization are called covert channels. We briefly discuss some issues related to covert channels in Section 24.6.1.

Topics You May Be Interested In
Data Abstraction, Knowledge Representation, And Ontology Concepts Introduction To Database Security Issues
Using High-level Conceptual Data Models For Database Design Introduction To Database Security Issues
View Of Data Initial Conceptual Design Of The Company Database
Database Languages Weak Entity Types
Specialty Databases Aggregate Functions

A final control measure is data encryption, which is used to protect sensitive data (such as credit card numbers) that is transmitted via some type of communications network. Encryption can be used to provide additional protection for sensitive portions of a database as well. The data is encoded using some coding algorithm. An unauthorized user who accesses encoded data will have difficulty deciphering it, but authorized users are given decoding or decrypting algorithms (or keys) to decipher the data. Encrypting techniques that are very difficult to decode without a key have been developed for military applications. Section 24.7 briefly discusses encryption techniques, including popular techniques such as public key encryption, which is heavily used to support Web-based transactions against databases, and digital signatures, which are used in personal communications.

A comprehensive discussion of security in computer systems and databases is outside the scope of this textbook. We give only a brief overview of database security techniques here. The interested reader can refer to several of the references discussed in the Selected Bibliography at the end of this chapter for a more comprehensive discussion.


Database security is a broad area that addresses many issues, including the following:

Topics You May Be Interested In
Modeling Of Union Types Using Categories Sql Data Definition
Using High-level Conceptual Data Models For Database Design Entity Types, Entity Sets, Keys, And Value Sets-2
Database Design Sensitive Data And Types Of Disclosures
Data Storage And Querying Database Security And The Dba
Structure Of Relational Databases Where Clause Predicates

  ? Various legal and ethical issues regarding the right to access certain information—for example, some information may be deemed to be private and cannot be accessed legally by unauthorized organizations or persons. In the United States, there are numerous laws governing privacy of information.

  ? Policy issues at the governmental, institutional, or corporate level as to what kinds of information should not be made publicly available—for example, credit ratings and personal medical records.

  ? System-related issues such as the system levels at which various security functions should be enforced—for example, whether a security function should be handled at the physical hardware level, the operating system level, or the DBMS level.

  ? The need in some organizations to identify multiple security levels and to categorize the data and users based on these classifications—for example, top secret, secret, confidential, and unclassified. The security policy of the organization with respect to permitting access to various classifications of data must be enforced.

Topics You May Be Interested In
Relational Databases Additional Basic Operations-string Operations
Database Architecture Relationship Types, Relationship Sets, Roles, And Structural Constraints
Structure Of Relational Databases Relationship Between Information Security Versus Information Privacy
Relational Query Languages Where Clause Predicates
Overview Of The Sql Query Language Set Operations-introduction

Threats to Databases.  Threats to databases can result in the loss or degradation of some or all of the following commonly accepted security goals: integrity, availability, and confidentiality.

  ? Loss of integrity. Database integrity refers to the requirement that information be protected from improper modification. Modification of data includes creation, insertion, updating, changing the status of data, and deletion. Integrity is lost if unauthorized changes are made to the data by either intentional or accidental acts. If the loss of system or data integrity is not corrected, continued use of the contaminated system or corrupted data could result in inaccuracy, fraud, or erroneous decisions. 

   ? Loss of availability. Database availability refers to making objects available to a human user or a program to which they have a legitimate right.

  ? Loss of confidentiality. Database confidentiality refers to the protection of data from unauthorized disclosure. The impact of unauthorized disclosure of confidential information can range from violation of the Data Privacy Act to the jeopardization of national security. Unauthorized, unanticipated, or unintentional disclosure could result in loss of public confidence, embarrassment, or legal action against the organization.

Topics You May Be Interested In
Purpose Of Database Systems Introduction To Database Security Issues
Database Languages Xml: Extensible Markup Language
Relational Databases Relational Query Languages
History Of Database Systems Relationship Types, Relationship Sets, Roles, And Structural Constraints
Database Schema Attribute Specification In Select Clause

To protect databases against these types of threats, it is common to implement four kinds of control measures: access control, inference control, flow control, and encryption. We discuss each of these in this chapter. In a multiuser database system, the DBMS must provide techniques to enable certain users or user groups to access selected portions of a database without gaining access to the rest of the database. This is particularly important when a large integrated database is to be used by many different users within the same organization. For example, sensitive information such as employee salaries or performance reviews should be kept confidential from most of the database system’s users. A DBMS typically includes a database security and authorization subsystem that is responsible for ensuring the security of portions of a database against unauthorized access. It is now customary to refer to two types of database security mechanisms:

? Discretionary security mechanisms. These are used to grant privileges to users, including the capability to access specific data files, records, or fields in a specified mode (such as read, insert, delete, or update).

? Mandatory security mechanisms. These are used to enforce multilevel security by classifying the data and users into various security classes (or levels) and then implementing the appropriate security policy of the organization. For example, a typical security policy is to permit users at a certain classification (or clearance) level to see only the data items classified at the user’s own (or lower) classification level. An extension of this is role-based security, which enforces policies and privileges based on the concept of organizational roles.


Topics You May Be Interested In
Characteristics Of The Database Approach Structure Of Relational Databases
Using High-level Conceptual Data Models For Database Design Chapter 11 Object And Object-relational Databases
Using High-level Conceptual Data Models For Database Design Introduction To Database Security Issues
Using High-level Conceptual Data Models For Database Design A Sample Database Application
Data Mining And Information Retrieval Example Of Notation- Uml Class Diagrams




Frequently Asked Questions

Ans: SQL includes a between comparison operator to simplify where clauses that specify that a value be less than or equal to some value and greater than or equal to some other value. view more..
Ans: The database administrator (DBA) is the central authority for managing a database system. The DBA’s responsibilities include granting privileges to users who need to use the system and classifying users and data in accordance with the policy of the organization view more..
Ans: Whenever a person or a group of persons needs to access a database system, the individual or group must first apply for a user account. The DBA will then create a new account number and password for the user if there is a legitimate need to access the database. view more..
Ans: Four main control measures are used to provide security of data in databases: Access control, Inference control, Flow control, Data encryption view more..
Ans: The SQL operations union, intersect, and except operate on relations. view more..
Ans: Null values present special problems in relational operations, including arithmetic operations, comparison operations, and set operations. view more..
Ans: Aggregate functions view more..
Ans: The main Idea for the Sampling Algorithm is to select a small sample , one that fits in main memory of the database of transaction view more..
Ans: The main idea of Sampling Algorithm is to select a small sample , one that fits in main memory , of the database of transaction view more..
Ans: SQL provides a mechanism for nesting subqueries. A subquery is a select-from where expression that is nested within another query. view more..
Ans: SQL provides a mechanism for nesting subqueries. A subquery is a select-from where expression that is nested within another query. view more..
Ans: We have restricted our attention until now to the extraction of information from the database. Now, we show how to add,remove, or change information with SQL. view more..
Ans: We introduced the natural join operation. SQL provides other forms of the join operation, including the ability to specify an explicit join predicate, and the ability to include in the result tuples that are excluded by natural join. We shall discuss these forms of join in this section. view more..
Ans: In our examples up to this point, we have operated at the logical-model level. That is, we have assumed that the relations in the collection we are given are the actual relations stored in the database. view more..
Ans: A transaction consists of a sequence of query and/or update statements. view more..
Ans: Integrity constraints ensure that changes made to the database by authorized users do not result in a loss of data consistency. view more..

Rating - 4/5