Countermeasures: Computer-Based Controls in DBMS


Computer-based security controls for a multi-user DBMS environment range from physical controls to administrative procedures and include:
 - Authorization
 - Access controls
 - Views
 - Backup and recovery
 - Integrity
 - Encryption
 - RAID technology

Authorization
→ The granting of a right or privilege that enables a subject to have legitimate access to a system or a system's object.

Authentication
→ A mechanism that determines whether a user is who he or she claims to be

Access Control
→ Based on the granting and revoking of privileges

Privilege
→ A privilege allows a user to create or access (that is read, write, or modify) some database object (such as a relation, view, and index) or to run certain DBMS utilities.


Approaches used by DBMS
→ Discretionary Access Control (DAC)
→ Mandatory Access Control (MAC)

Discretionary Access Control (DAC)
  •  Provided by most DBMSs
  •  SQL standard supports through GRANT/REVOKE
  •  Certain weaknesses

Mandatory Access Control (MAC)
  •  System-wide policies that cannot be changed by individual users
  •  Each database object is assigned a security class and each user is assigned a clearance for a security class, and rules are imposed on the reading and writing of database objects by users
  •  The SQL standard does not include support for MAC
  •  The popular Bell-LaPadula model is based on MAC


Views
  • A view is the dynamic result of one or more relational operations operating on the base relations to produce another relation
  • A view is a virtual relation that does not actually exist in the database, but is produced upon request by a particular user, at the time of request
  • Powerful and flexible security mechanism by hiding parts of the data from certain users
  • Access to views, not to base relations
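As an added example (not part of the original notes), the DAC and view mechanisms above combined in standard SQL: a view hides the salary column and limits rows to one branch, and GRANT/REVOKE give a role access to the view only. The table, view and role names are assumed; the syntax follows PostgreSQL.

```sql
-- Base relation holding sensitive data (constructed example schema)
CREATE TABLE staff (
    staff_no  VARCHAR(5)    PRIMARY KEY,
    name      VARCHAR(50)   NOT NULL,
    position  VARCHAR(20)   NOT NULL,
    branch_no VARCHAR(4)    NOT NULL,
    salary    DECIMAL(10,2) NOT NULL
);

-- View: a virtual relation that omits the salary column and
-- exposes only the staff of one branch (hypothetical branch code)
CREATE VIEW staff_public AS
    SELECT staff_no, name, position, branch_no
    FROM staff
    WHERE branch_no = 'B003';

-- DAC: a role for clerks who may read staff details but not salaries
CREATE ROLE branch_clerk;

-- Grant access to the view, not to the base relation
GRANT SELECT ON staff_public TO branch_clerk;

-- Ensure no privilege on the base table leaks through (e.g. via PUBLIC)
REVOKE ALL PRIVILEGES ON staff FROM branch_clerk;
REVOKE ALL PRIVILEGES ON staff FROM PUBLIC;

-- A payroll role receives column-level UPDATE on salary only;
-- without WITH GRANT OPTION it cannot pass the privilege on
CREATE ROLE payroll;
GRANT SELECT, UPDATE (salary) ON staff TO payroll;

-- Revoking withdraws the privilege again
REVOKE UPDATE (salary) ON staff FROM payroll;
```

In PostgreSQL a view is evaluated with its owner's privileges, so branch_clerk can query staff_public even though it holds no privilege on staff itself.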


Backup and Recovery
→ The process of periodically taking a copy of the database and log file (and possibly programs) on to offline storage media

Journaling
→ The process of keeping and maintaining a log file (or journal) of all changes made to the database, to enable recovery to be undertaken effectively in the event of a failure

Integrity
→ Prevents data from becoming invalid, and hence giving misleading or incorrect results

Encryption
  • The encoding of the data by a special algorithm that renders the data unreadable by any program without the decryption key
  • Symmetric encryption
  • Asymmetric encryption

RAID (Redundant Array of Independent Disks) Technology
  • The hardware that the DBMS is running on must be fault-tolerant, meaning that the DBMS should continue to operate even if one of the hardware components fails
  • The main hardware components that should be fault-tolerant include disk drives, disk controllers, CPU, power supplies, and cooling fans
  • Disk drives are the most vulnerable components, with the shortest time between failures of any of the hardware components
  • One solution is to provide a large disk array comprising an arrangement of several independent disks that are organized to improve reliability (through mirroring and error-correction schemes) and at the same time increase performance (through data striping)
