Term
|
Definition
| The process of determining who you are. e.g. User+Password |
|
|
Term
|
Definition
| A yes/no decision as to whether a single user is granted permission to a resource |
|
|
Term
| What security resons must a database address? |
|
Definition
- Secrecy - Disclosure of sensitive data
- Integrity - Improper modification
- Availability - The system might become unavailable
- Privacy
|
|
|
Term
| What are some privileges in MySQL? |
|
Definition
- Types of Discretionary privileges in MySQL
- Global
- Database
- Relation
- Column
- Stored Routline
- WITH GRANT OPTION
- The user we are granting permission to can add other users and grant them the same permission
- Mysql stores a permission in mysql.user. The DBMS needs tohave a record of who gave a privilege to whom
- If a user has granted a permission to another user then he/she can revoke the permission
- Problem Vulnerable to Trojan Horse Attacks
|
|
|
Term
| What is the Bell and Lapadula model? |
|
Definition
- Subjects: Active entities performing data access.
- Objects: Passive, an entry in a table (a relation or elements of a tuple).
- Security levels: Ordered, Higher mean more secured
- For a subject we have
- class(S) = security clearance.
- For an object we have
- class(O) = classification.
- Subject is not allowed to read an object unless
- Subject is not allowed to write an object unless
- A subject must not write to any object with a lower security level. Also known as the star property.
Problem: If you try to insert an entry with a lower classification and you get an error than you know that there is an entry with the same Primary Key as the one you are trying to insert but with a different level of permission.
|
|
|
Term
| What is Role-Based access control (RDBC) |
|
Definition
Every user has a role and every role has a permission then every user has a set of permissions.
In Discretionary Access Control(DAC) the user has control over their resources. In RBAC access is controlled at the system, outside the user's control.
Rules:
- Role assignment: A subject can execute a transaction only if the subject has been assigned a role
- Role authorisation: A subject's active role must be authorised for the subject
- Transaction authorization: A subject can execute a transaction only if the transaction is authorized for the subject's active role
The 3 rules ensure that users can execute only transactions they are authorized for |
|
|
Term
|
Definition
Use prepared statements or escape everything that is generated by the user.
Risk of SQL Injection:
- Database fingerprinting - Determine type of database and exploit weeknesses
- DoS
- Bypass authentication - Get access to data you are not meant to have. Most common and dangerous
- Priviledged escalation - Upgrade access level
Can be avoided through:
- Use prepared statements
- Filtering inputs - Stripping escape characters
|
|
|
Term
|
Definition
| A group of operations that need to be performed together and for which there is a need for mutual exclusion (No two threads enter the critical region). However it is not feasible to feasable to require operations to run serially because they are too many, which implies that DBMS have a mechanism to make sure that the result is indistinguishable from parallel execution |
|
|
Term
| What is dirty data and dirty reads? |
|
Definition
| Dirty data is data written by a transaction that has not been committed (and was aborted). A dirty read is a read of dirty data by another transaction |
|
|
Term
| What are the ACID properties? |
|
Definition
- Atomicity - Either all operations in the transaction are excecuted or none is excecuted at all
- Consistency - Any transaction will brig the state of the database from one valid state to another. e.g. Tranasaction transferring funds from one account to another will make sure that the sum of both accounts is the same before and after
- Isolation - Events within a transaction are hidden from other transactions running concurrently and do not interact. Uses synchronization techniques.
- Durability - Once a transaction has been completed and committed, it must guarantee these results will survive subsequent malfunctions. The use must have a guarantee that what has happened has actuall happened
|
|
|
Term
| What is the structure of an SQL transaction? |
|
Definition
START TRANSACTION
SQL STATEMENTS
COMMIT --The changes are installed permanently or
ROLLBACK -- the transaction aborts, database is restored to the original state |
|
|
Term
|
Definition
| A chronological (Possibly interleaving) order in which actions of transactions are executed. A correct schedule is equivalent to executing transactions sequentially in some order |
|
|
Term
|
Definition
A schedule S is serializable if its outcome is equal to the outcome of its transaction when executed sequentially.
|
|
|
Term
| What is a serial schedule? |
|
Definition
A serial schedule is when transactions are executed sequentially.
Serial schedules are inefficient because they do not allow interleaving operations. DBMS introduce protocols to ensure serializability in all schedules which the transactions participate |
|
|
Term
| What is conflict serializability? |
|
Definition
The idea is to have the same sets of respective chronologically ordered pairs of conflicting operations as you would if the schedule was serial. A schedule is conflict serializable if it is conflict equivalent to some serial schedule. Operations are in conflict if swapping them may change the meaning of a schedule.
|
|
|
Term
| What are examples of pairs of operations which would never conflict? |
|
Definition
- Ri(X); Rj(Y)
- Ri(X); Wj(Y) - If X != Y
- Ri(X); Wj(y) - If X != Y
|
|
|
Term
| What are examples of pairs of operations which would conflict? |
|
Definition
- Wi(x); Wj(x)
- Ri(X); Wj(X)
- Wi(X); Rj(X)
|
|
|
