Xem mẫu
DISCRETIONARY ACCESS CONTROL
Tran Thi Que Nguyet
Faculty of Computer Science & Engineering HCMC University of Technology ttqnguyet@cse.hcmut.edu.vn
Outline
1 Introduction to Discretionary Access Control
2 Propose Models for DAC
3 SQL for Data Control
4 DAC & Information Flow Controls
Homework: Case study in SQL Server 2008 – Reading chapter 4 – Access control for Databases: Concepts and Systems. Elisa Bertino, et al.
2
Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering
© 2011
Information Systems Security Chapter 2: Introduction to DAC
2
Introduction to DAC
Discretionary Access Control (DAC): User can protect what they own.
The owner is given all privileges on their own data.
The owner can define the type of access (read/write/execute/…) and grant access to others.
The typical method of enforcing DAC in a database system is based on the granting and revoking privileges
3
Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering
© 2011
Information Systems Security Chapter 2: Introduction to DAC
3
Introduction to DAC
Types of Discretionary Privileges:
The account/system level: The administrator specifies the particular privileges that each account holds independently of the objects in the database system.
The object level: The administrator can control the privilege to access each individual object in the database system.
4
Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering
© 2011
Information Systems Security Chapter 2: Introduction to DAC
4
Introduction to DAC
The account/system level privileges (example) CREATE SCHEMA
CREATE TABLE CREATE VIEW ALTER
DROP
MODIFY SELECT
Ho Chi Minh City University of Technology Faculty of Computer Science and Engineering
© 2011
Information Systems Security Chapter 2: Introduction to DAC
5
...
- tailieumienphi.vn
nguon tai.lieu . vn