Discretionary access controls includes about Discretionary Access Controls (DAC, Access Matrix Model), DAC in Relational Database (DAC, Privileges, The System R Access Control, Content–Based Access Control, Demo).
Trang 2 Discretionary Access Controls
DAC
Access Matrix Model
DAC
Privileges
The System R Access Control
Content–Based Access Control
Demo
Q & A
Trang 3Discretionary Access Controls
DAC is based on the identity of the user
requesting access and on a set of rules, call
authorizatons , explicitly stating which user can
perform which action on which resource
Trang 4Discretionary Access Controls
DAC
Bob
Document1
Trang 5Access Matrix Model
Access Matrix Model: The first discretionary
access control model proposed
Trang 6Access Matrix Model
Access Matrix Model: The first discretionary
access control model proposed
Triple (S,O,A)
S: subject; O: objects; A: actions; A[s,o] : contains the list of actions that subject s can execute over object o
Trang 7Sn A[sn,o1] A[sn,oi] A[sn,om]
Access Matrix Model
Trang 8 Model implementation:
S {(O,A)}: capability list
O{(S,A)}: ACL (access control list)
Access Matrix Model
Trang 9
Access Matrix Model
Access matrix implementation
Trang 10DAC in Relational Database
Trang 11Discretionary Access Control (DAC)
The typical method of enforcing discretionary access control in a database system is based
on the granting and revoking privileges
User can protect what they own
Owner may grant access to other
Owner can define the type of access
(read/write/execute/…) given to others
Trang 12 Object level
Trang 13Privileges
Trang 14 The create schema or create table privilege
The create view privilege
The alter privilege
The drop privilege
The modify privilege
The select privilege
Trang 15 Object level: applies to relation or view
Table Employee Table Department
View 1 View 2
Trang 18Alice does not want Bob to access the Employee relation ?
Revoke select ON Emp, Dept From Jack
Trang 19Inherent weakness of DAC
object which can be read by a subject to be
written to any other object
Suppose our users are trusted not to do this
deliberately It is still possible for Trojan Horses
Trang 20Trojan Horse Example
Trang 21Trojan Horse Example
Trang 22The System R Access Control Model
The main protection objects are tables and
views
Trang 23Content–Based Access Control
Trang 24Content–Based Access Control
Essentially, content-based access control
requires that access control decisions be based
on data contents
A content-based access control policy: a
manager can only access the employees that
work in his/her division
Trang 25Content–Based Access Control
Trang 26Content–Based Access Control
Create view Emp_Jack
as select ename, salary from Emp
With read only
Trang 27Content–Based Access Control
Jack
GRANT insert, delete ON Emp, Dept
TO Red
Create view Emp_Jack
as select * from Emp where name=‘Jack‘
With read only
Trang 28Content–Based Access Control
Too many views to create
Complicated policy logic can be difficult to express and
to update
Trang 29 Oracle
Trang 30 Discretionary Access Controls
DAC
Access Matrix Model
DAC
Privileges
The System R Access Control
Content–Based Access Control
Demo
Trang 31[1] M Gertz, S Jajodia: “Handbook of Database Security: Applications and
Trends”, Springer Verlag, 2009
[2] E Bertino, G Ghinita, A Kamra: "Access Control for Databases: Concepts
and Systems", Now Publishers, 3(1-2):1-148, 2011
[3] Truong Quynh Chi, DAC.
[4] Oracle Corporation : “Leveraging Oracle Database Security with J2EE Container Managed Persistence ” (white paper).
[5] Oracle® Database Security Guide 11g Release 1 (11.1)
http://docs.oracle.com/cd/B28359_01/network.111/b28531/vpd.htm#DBSEG0 07
Trang 3212/11/15 www.cse.hcmut.edu.vn 32