Transcript Copyright © 2004 Pearson Education, Inc.

Copyright © 2004 Pearson Education, Inc.
Chapter 23
Database Security and
Authorization
Copyright © 2004 Pearson Education, Inc.
Introduction to Database
Security Issues
Types of Security
Database Security and the DBA
Access Protection, User Accounts, and
Database Audits
Elmasri and Navathe, Fundamentals of Database Systems, Fourth Edition
Copyright © 2004 Pearson Education, Inc.
Slide 23-3
Discretionary Access Control
Based on Granting and
Revoking Privileges
 Types of Discretionary Privileges
 Specifying Privileges Using Views
 Revoking Privileges
 Propogation of Privileges Using the GRANT
OPTION
 An Example
 Specifying Limits on Propagation of Privileges
Elmasri and Navathe, Fundamentals of Database Systems, Fourth Edition
Copyright © 2004 Pearson Education, Inc.
Slide 23-4
Mandatory Access Control
and Role-Based Access
Control for Multilevel Security
Comparing Discretionary Access Control
and Mandatory Access Control
Role-Based Access Control
Access Control Policies for E-Commerce
and the Web
Elmasri and Navathe, Fundamentals of Database Systems, Fourth Edition
Copyright © 2004 Pearson Education, Inc.
Slide 23-5
Introduction to Statistical
Database Security
Elmasri and Navathe, Fundamentals of Database Systems, Fourth Edition
Copyright © 2004 Pearson Education, Inc.
Slide 23-6
Introduction to Flow Control
Covert Channels
Elmasri and Navathe, Fundamentals of Database Systems, Fourth Edition
Copyright © 2004 Pearson Education, Inc.
Slide 23-7
Encryption and Public Key
Infrastructures
The Data and Advanced Encryption
Standards
Public Key Encryption
Digital Signatures
Elmasri and Navathe, Fundamentals of Database Systems, Fourth Edition
Copyright © 2004 Pearson Education, Inc.
Slide 23-8
Summary
Elmasri and Navathe, Fundamentals of Database Systems, Fourth Edition
Copyright © 2004 Pearson Education, Inc.
Slide 23-9