He Shref

The document outlines key aspects of database security, focusing on secrecy, integrity, and availability. It discusses access control models, authentication methods, and SQL Server security tasks, including user roles and permissions. Additionally, it covers backup types, T-SQL programming, and the importance of backups for data protection.
Database Security

3 Key Aspects
Secrecy – Prevent unauthorized access
Integrity – Only authorized users can modify data
Availability – Authorized users can always access the database

Access Control Models
Discretionary Access Control (DAC): Based on privileges granted to users
Mandatory Access Control (MAC): Based on policy rules enforced by the system

Views
Syntax:
    CREATE VIEW <view_name> AS
    SELECT <column_name(s)>
    FROM <table_name>
    [WHERE <condition>]
Query: SELECT * FROM view_name
Drop: DROP VIEW view_name
View Limitations:
•Views with aggregate functions are NOT updateable
•Views with joins can be ambiguous for updates
•Many DBMSs allow updates only on single-table views
Advantages: Security (restricted access), Query simplification
Disadvantages: Performance overhead, Update restrictions
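Added example (not part of the original sheet) of the "restricted access" advantage: a view that exposes only the non-sensitive columns of one department, granted to a user who has no permission on the base table. The table, view and user names (dbo.Employee, dbo.v_ITDirectory, helpdesk) and the sample rows are assumed for illustration.

```sql
-- Added example: a view used as a security boundary (names and rows are assumed).
CREATE TABLE dbo.Employee (
    empId    INT           PRIMARY KEY,
    fullName NVARCHAR(60)  NOT NULL,
    dept     NVARCHAR(20)  NOT NULL,
    salary   DECIMAL(10,2) NOT NULL,   -- sensitive column
    ssn      CHAR(11)      NOT NULL    -- sensitive column
);
INSERT INTO dbo.Employee VALUES (1, N'Ann Lee', N'IT', 5200, '123-45-6789'),
                                (2, N'Bo Chan', N'HR', 4800, '987-65-4321');
GO

-- Directory view: non-sensitive columns only, and only the IT department.
-- SCHEMABINDING stops the base table being altered underneath the view.
CREATE VIEW dbo.v_ITDirectory
WITH SCHEMABINDING
AS
SELECT empId, fullName, dept
FROM dbo.Employee
WHERE dept = N'IT';
GO

-- A database user without a login is enough to test permissions locally.
CREATE USER helpdesk WITHOUT LOGIN;
GRANT SELECT ON dbo.v_ITDirectory TO helpdesk;   -- access through the view only
-- No GRANT on dbo.Employee. The view still works because view and table have
-- the same owner (dbo): ownership chaining skips the permission check on the table.

EXECUTE AS USER = 'helpdesk';
SELECT * FROM dbo.v_ITDirectory;   -- the IT row, without salary or ssn
-- Direct access to the base table is not available to this user:
SELECT HAS_PERMS_BY_NAME('dbo.Employee', 'OBJECT', 'SELECT') AS can_read_table;
REVERT;
```

The ownership chain is the caveat to remember: if the view and the table were owned by different principals, the user would also need SELECT on the table, and the restriction would have to be enforced differently.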
Authentication: Verifying user identity
Windows Authentication: Uses Active Directory credentials
SQL Server Authentication: Uses SQL Server specific credentials
    -- Windows Authentication
    CREATE LOGIN [domain\username] FROM WINDOWS;
    -- SQL Authentication
    CREATE LOGIN username WITH PASSWORD = 'password';
Authorization: Granting permissions to authenticated users

Principals: Users, groups, processes (logins, users)
- Server level: logins & server roles
- Database level: users & database roles
Securables: Resources that can be secured (servers, DBs, tables)
- server level: databases & availability groups
- database level: schemas & full-text catalogs
- schema level: tables, views, functions and stored procedures
Permissions: Type of access granted (SELECT, INSERT, EXECUTE)
- grant or deny permissions to securables at the server, database or schema level

Key SQL Server Security Tasks
Authentication (Server Level)
Create Windows Authentication Login:
    CREATE LOGIN [domain\user] FROM WINDOWS
    WITH DEFAULT_DATABASE = master;
Create SQL Server Authentication Login:
    CREATE LOGIN login_name
    WITH PASSWORD = 'password',
    CHECK_EXPIRATION = ON;
(CHECK_EXPIRATION applies the Windows password-expiration policy to the login; it requires CHECK_POLICY = ON, which is the default.)

T-SQL Programming Extensions
Variables:
    DECLARE @variable_name <data_type>
    SET @variable_name = <value>
Example:
    DECLARE @DName VARCHAR(20)
    SET @DName = 'SESD'
IF Statement:
    IF (condition)
    BEGIN
        -- statements
    END
    ELSE
    BEGIN
        -- alternative statements
    END
(IIF(condition, true_value, false_value) is a separate expression-level shorthand, not the IF statement.)
WHILE Loop:
    WHILE @count <= 100
    BEGIN
        -- statements
        SET @count = @count + 1
    END
BREAK: Exit loop
CONTINUE: Skip to the next iteration of the loop
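Added example (not from the original sheet) that puts DECLARE, IF, WHILE and CONTINUE to work on a security chore: listing SQL logins that bypass the Windows password policy and generating the ALTER LOGIN statements that fix them. It reads the real catalog view sys.sql_logins; the logins it finds are whatever the server has.

```sql
-- Added example: loop over SQL logins with the password policy switched off.
DECLARE @weak TABLE (rn INT IDENTITY(1,1) PRIMARY KEY, name SYSNAME, is_disabled BIT);

INSERT INTO @weak (name, is_disabled)
SELECT name, is_disabled
FROM sys.sql_logins
WHERE is_policy_checked = 0 OR is_expiration_checked = 0;

DECLARE @i INT = 1, @n INT = (SELECT COUNT(*) FROM @weak);
DECLARE @name SYSNAME, @disabled BIT, @sql NVARCHAR(400);

IF @n = 0
    PRINT 'All SQL logins enforce the password policy.';
ELSE
BEGIN
    WHILE @i <= @n
    BEGIN
        SELECT @name = name, @disabled = is_disabled FROM @weak WHERE rn = @i;
        SET @i = @i + 1;   -- advance before CONTINUE so the loop cannot stall

        IF @disabled = 1
            CONTINUE;      -- a disabled login cannot authenticate; skip it

        -- QUOTENAME brackets the name, so a login called e.g. [odd]name] cannot
        -- break the generated statement.
        SET @sql = N'ALTER LOGIN ' + QUOTENAME(@name)
                 + N' WITH CHECK_POLICY = ON, CHECK_EXPIRATION = ON;';
        PRINT @sql;        -- review first; swap for EXEC sp_executesql @sql to apply
    END
END
```

Turning CHECK_POLICY on does not re-validate a login's existing password; it is enforced from the next password change, which is why CHECK_EXPIRATION is set in the same statement.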
Steps to provide users with access to SQL Server resources
1. create a login
2. create user-defined server roles
3. assign logins to the appropriate server roles
4. grant or deny permissions to the logins and server roles
5. create a database user for each login
6. create user-defined database roles
7. assign users to the appropriate database roles
8. grant or deny permissions to the database users and roles

Fixed Server Roles
sysadmin: Full server control
dbcreator: Create/modify databases
securityadmin: Manage logins and permissions
    -- Add login to fixed server role
    ALTER SERVER ROLE sysadmin ADD MEMBER [domain\sarah];

User-Defined Server Roles
    -- Create custom server role
    CREATE SERVER ROLE DatabaseManager;
    ALTER SERVER ROLE DatabaseManager ADD MEMBER [emily.e];
    -- Grant permissions to role
    GRANT CREATE ANY DATABASE TO DatabaseManager;

Database Permissions
    -- Grant table creation rights
    GRANT CREATE TABLE TO <user_or_role>;

Backup & recovery
Backup Types
1. Full Backup: Complete database copy + the portion of the transaction log needed to recover it
2. Differential Backup: Changes since the last full backup
3. Transaction Log Backup: All log records since the last transaction log backup
Importance of Backups
• Protects against:
  • User errors (e.g., accidental deletion)
  • Hardware failures
  • Natural disasters

JDBC & Database Security
JDBC Driver Types
•Type 1: JDBC-ODBC Bridge (uses ODBC, platform dependent)
•Type 2: Native API Driver (vendor specific, requires native libraries on client)
•Type 3: Network Protocol Driver (pure Java, uses middleware)
•Type 4: Thin Driver (pure Java, direct database connection)
JDBC Statement Types
Statement - static SQL
    Statement stmt = conn.createStatement();
    ResultSet rs = stmt.executeQuery("SELECT * FROM Book");
PreparedStatement - parameterized queries (the SQL text is fixed and values are sent separately, so user input cannot change the structure of the query)
    String sql = "UPDATE Employee SET type = ? WHERE empId = ?";
    PreparedStatement pstmt = conn.prepareStatement(sql);
    pstmt.setString(1, "Manager");
    pstmt.setInt(2, 101);
    int rows = pstmt.executeUpdate();
CallableStatement - stored procedures
    CallableStatement cstmt = conn.prepareCall("{call GetEmployeeInfo(?)}");
Steps to Create JDBC App
    import java.sql.*;
    public class JDBCExample {
        public static void main(String[] args) {
            // Step 1: Database connection details
        }
    }
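Added example (not from the original sheet) showing, server-side in T-SQL, the same distinction the Statement and PreparedStatement types make in JDBC: a procedure that concatenates input into the query text beside one that passes it as a parameter through sp_executesql. The table dbo.Book, its rows, the procedure names and the attack string are all constructed for this example.

```sql
-- Added example: string-built SQL (injectable) beside parameterized SQL.
CREATE TABLE dbo.Book (bookId INT PRIMARY KEY, title NVARCHAR(80), restricted BIT);
INSERT INTO dbo.Book VALUES (1, N'The Great Gatsby', 0), (2, N'Internal Audit 2024', 1);
GO

-- VULNERABLE: the input becomes part of the query text, as with a JDBC
-- Statement built by concatenation. A quote in the input ends the literal and
-- whatever follows is parsed as SQL.
CREATE PROCEDURE dbo.FindBook_Unsafe @title NVARCHAR(80) AS
BEGIN
    DECLARE @sql NVARCHAR(MAX) =
        N'SELECT bookId, title FROM dbo.Book WHERE restricted = 0 AND title = '''
        + @title + N'''';
    EXEC (@sql);
END
GO

-- SAFE: the query text is a constant; the value is bound to @t as typed data,
-- as with a JDBC PreparedStatement. It is compared, never parsed.
CREATE PROCEDURE dbo.FindBook_Safe @title NVARCHAR(80) AS
BEGIN
    EXEC sp_executesql
        N'SELECT bookId, title FROM dbo.Book WHERE restricted = 0 AND title = @t',
        N'@t NVARCHAR(80)',
        @t = @title;
END
GO

-- Constructed attack string: closes the literal, makes the WHERE always true,
-- and comments out the trailing quote.
DECLARE @attack NVARCHAR(80) = N'x'' OR 1=1 --';
EXEC dbo.FindBook_Unsafe @attack;   -- the restricted row comes back with the rest
EXEC dbo.FindBook_Safe   @attack;   -- no row has that literal title, so nothing comes back
```

The unsafe procedure ends up executing WHERE restricted = 0 AND title = 'x' OR 1=1, which is true for every row. Escaping quotes by hand is the wrong fix; binding the value, as sp_executesql and PreparedStatement do, is the one that holds.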
Subqueries
    -- Members who borrowed a specific book
    SELECT m.firstName, m.lastName, m.phone
    FROM Member m
    WHERE m.memberId IN (
        SELECT l.memberId
        FROM Loan l
        JOIN Book b ON l.bookId = b.bookId
        WHERE b.title = 'The Great Gatsby'
    );

SQL Server Jobs
Job Characteristics
• Automated series of operations
• Can run on schedules or in response to alerts
• Managed via SQL Server Agent
Job Management
• Create/Edit Jobs: Requires sysadmin role or ownership
• Run Jobs: on schedule, in response to alerts

Exercises
Namal has a login name namal.k, write T-SQL statements to deny namal from inserting data to any table in sal
    DENY INSERT TO namal;
(A database-level DENY INSERT covers every table in the current database, and a DENY overrides any INSERT permission namal inherits through a role.)
To remove the permissions granted to them by cancelling the permission on the role they are in:
    REVOKE INSERT FROM dataEntry;
Using the role created, provide permissions to Sachini and Fathima (usernames are sachini and Fathima):
    ALTER ROLE dataEntry ADD MEMBER sachini;
    ALTER ROLE dataEntry ADD MEMBER Fathima;
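Added example (not from the original sheet) that carries the eight provisioning steps listed earlier through end to end for the Namal exercise above, then shows how GRANT through a role, DENY to the user and REVOKE interact, checked each time from the user's own point of view. It assumes a database called LibraryDB exists; the server role LibraryOps, the table dbo.Loan and the password are made up for illustration.

```sql
-- Added example: the provisioning chain, then GRANT / DENY / REVOKE precedence.
USE master;
CREATE LOGIN [namal.k] WITH PASSWORD = 'Str0ng!Passw0rd-2024', CHECK_POLICY = ON;  -- step 1
CREATE SERVER ROLE LibraryOps;                                                      -- step 2
ALTER SERVER ROLE LibraryOps ADD MEMBER [namal.k];                                  -- step 3
GRANT VIEW SERVER STATE TO LibraryOps;                                              -- step 4
GO
USE LibraryDB;   -- assumed to exist
CREATE TABLE dbo.Loan (loanId INT PRIMARY KEY, memberId INT NOT NULL, bookId INT NOT NULL);
CREATE USER namal FOR LOGIN [namal.k];                                              -- step 5
CREATE ROLE dataEntry;                                                              -- step 6
ALTER ROLE dataEntry ADD MEMBER namal;                                              -- step 7
GRANT SELECT, INSERT ON dbo.Loan TO dataEntry;                                      -- step 8
GO

-- Effective permission as namal sees it: INSERT arrives through the role.
EXECUTE AS USER = 'namal';
SELECT HAS_PERMS_BY_NAME('dbo.Loan', 'OBJECT', 'INSERT') AS can_insert;
REVERT;

-- DENY to the user at database scope (the Namal exercise): it beats the
-- role's GRANT, because DENY always takes precedence over GRANT.
DENY INSERT TO namal;
EXECUTE AS USER = 'namal';
SELECT HAS_PERMS_BY_NAME('dbo.Loan', 'OBJECT', 'INSERT') AS can_insert;
REVERT;

-- REVOKE only removes an entry (a GRANT or a DENY); it never blocks anything
-- by itself. Removing the DENY makes the role's GRANT effective again; removing
-- the role's GRANT leaves no INSERT path at all.
REVOKE INSERT FROM namal;                   -- drops the database-level DENY
REVOKE INSERT ON dbo.Loan FROM dataEntry;   -- drops the object-level GRANT
EXECUTE AS USER = 'namal';
SELECT HAS_PERMS_BY_NAME('dbo.Loan', 'OBJECT', 'INSERT') AS can_insert;
REVERT;
```

The practical rule this encodes: grant to roles, deny to specific principals only when you need to carve an exception, and use REVOKE to undo either, remembering that revoking a DENY can silently re-enable access that flows from a role.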
Database Security Quick Reference Sheet

Core Aspects of Database Security
1. Secrecy: Prevent unauthorized data disclosure (e.g., students can't see others' grades)
2. Integrity: Prevent unauthorized modifications (e.g., students can't change grades)
3. Availability: Ensure authorized users can access data when needed

Access Control Mechanisms
• Discretionary Access Control: Based on privileges/rights granted to users
• Mandatory Access Control: System-enforced policies (not covered in detail)

SQL Server Security Components
1. Principals: Entities granted access (users, groups, roles)
   • Server-level: Logins, server roles
   • Database-level: Users, database roles
2. Securables: Objects being secured

Exercises
Write T-SQL to create a login for Kasuni:
    CREATE LOGIN Kasuni
    WITH PASSWORD = 'Kasumi23',
    DEFAULT_DATABASE = schoolDB;
Provide permission using a fixed server role to handle all the administrative tasks in the server to Kasuni:
    ALTER SERVER ROLE sysadmin ADD MEMBER Kasuni;
Assuming that saman has the user name saman, write the T-SQL required to assign him the responsibility of handling schoolDB using a user-defined server role:
    USE schoolDB;
    CREATE ROLE dbmanager;
    GRANT ALTER, CREATE TABLE, INSERT, EXECUTE TO dbmanager;
    ALTER ROLE dbmanager ADD MEMBER saman;
(The permissions here are scoped to one database, so the answer uses a user-defined database role, created with CREATE ROLE inside schoolDB, rather than a server role. "CREATE" on its own is not a permission; CREATE TABLE is the database permission meant.)
Assuming that Thusitha has a login name thusitha.p, write the T-SQL required to allow him to create tables, functions, procedures and triggers:
    CREATE USER thusitha FOR LOGIN [thusitha.p];
    ALTER ROLE db_ddladmin ADD MEMBER thusitha;
Assuming lasantha has a login named lasantha.h, write the T-SQL required to perform the tasks he is responsible for:
    CREATE USER lasantha FOR LOGIN [lasantha.h];
    ALTER ROLE db_datareader ADD MEMBER lasantha;
(Role membership is granted to the database user, lasantha, not to the login lasantha.h. db_datareader gives read access to all user tables.)

T-SQL Function Example
    CREATE FUNCTION movie_income (@mtitle CHAR(20))
    RETURNS FLOAT            -- T-SQL has no "double" type; FLOAT is the equivalent
    AS
    BEGIN
        -- function body
        DECLARE @total_income FLOAT
        SELECT @total_income = SUM(ticketprice * spectators)
        FROM show s
        WHERE s.movieTitle = @mtitle
        RETURN @total_income
    END
    GO
    DECLARE @income FLOAT
    EXEC @income = dbo.movie_income 'spider man'
    PRINT @income
Stored Procedures
Syntax:
    CREATE PROCEDURE <procedure_name>
        (parameters)
    AS
    BEGIN
        -- procedure body
    END

Triggers
Definition: Special stored procedures that automatically execute in response to database events
Syntax:
    CREATE TRIGGER trigger_name
    ON {table | view}
    {FOR | AFTER | INSTEAD OF} {INSERT | UPDATE | DELETE}
    AS
    BEGIN
        -- trigger body
    END
Trigger Types:
AFTER/FOR: Executes after the triggering event (default)
INSTEAD OF: Executes instead of the triggering event
Virtual Tables:
INSERTED: Contains new/updated rows (INSERT, UPDATE)
DELETED: Contains old/deleted rows (DELETE, UPDATE)
Triggers Example:
    CREATE TRIGGER account_audit_trigg ON Account
    FOR INSERT, UPDATE
    AS
    BEGIN
        DECLARE @ano int, @balance float
        SELECT @ano = accountNo, @balance = balance
        FROM inserted
        INSERT INTO AccountAudit VALUES (@ano, @balance, GETDATE())
    END
(Caveat: a trigger fires once per statement, not once per row. Assigning from inserted into scalar variables keeps only one of the rows, so a multi-row INSERT or UPDATE is audited incompletely.)

SQL Statements
    -- SELECT statement with WHERE, ORDER BY
    SELECT column1, column2
    FROM table_name
    WHERE condition
    ORDER BY column1 ASC|DESC;

    -- Aggregate functions with GROUP BY
    SELECT department, COUNT(*) AS emp_count
    FROM Employees
    GROUP BY department
    HAVING COUNT(*) > 5;

    -- INNER JOIN
    SELECT s.name, c.name
    FROM Students s
    JOIN Courses c ON s.course_id = c.course_id;

    -- Subquery
    SELECT name FROM Employees
    WHERE salary > (SELECT AVG(salary) FROM Employees);

    -- UPDATE
    UPDATE Students SET name = 'John Doe' WHERE student_id = 'S001';

    -- INSERT
    INSERT INTO Courses(course_id, name, instructor)
    VALUES ('C102', 'DBMS', 'Dr. Smith');

    -- DELETE
    DELETE FROM Students WHERE student_id = 'S001';

Notes
Deleting a row
    • DELETE FROM student WHERE studentid = 1000
Updating a row
    • UPDATE student SET gpa = 2.8 WHERE studentid = 1001
Column constraint fragments (from a CREATE TABLE statement):
    PRIMARY KEY, NOT NULL,
    DEFAULT 'IT',
    CHECK (gpa <= 4.0),
    CONSTRAINT proB_fk FOREIGN KEY (progid) REFERENCES <table_name>(progid)
        ON DELETE SET DEFAULT ON UPDATE CASCADE
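Added example (not from the original sheet): the account audit trigger above rewritten set-based, so that a statement touching many rows is audited in full, with the DELETED table used to record the old balance on UPDATE and the connection's login recorded alongside. The tables dbo.Account and dbo.AccountAudit, their columns and the sample rows are assumed for illustration.

```sql
-- Added example: set-based AFTER trigger that audits every affected row.
CREATE TABLE dbo.Account (accountNo INT PRIMARY KEY, balance DECIMAL(12,2) NOT NULL);
CREATE TABLE dbo.AccountAudit (
    auditId    INT IDENTITY(1,1) PRIMARY KEY,
    accountNo  INT           NOT NULL,
    oldBalance DECIMAL(12,2) NULL,                        -- NULL for a fresh INSERT
    newBalance DECIMAL(12,2) NOT NULL,
    changedBy  SYSNAME       NOT NULL DEFAULT SUSER_SNAME(),
    changedAt  DATETIME2     NOT NULL DEFAULT SYSDATETIME()
);
GO
CREATE TRIGGER dbo.account_audit_trigg ON dbo.Account
AFTER INSERT, UPDATE
AS
BEGIN
    SET NOCOUNT ON;   -- keep the trigger's row counts out of the caller's results
    -- One INSERT ... SELECT over the whole INSERTED set: one source row or a
    -- thousand, each gets an audit row. LEFT JOIN to DELETED: rows are there
    -- only for UPDATE, so oldBalance stays NULL for inserts. Assumes accountNo,
    -- the key, is never itself updated.
    INSERT INTO dbo.AccountAudit (accountNo, oldBalance, newBalance)
    SELECT i.accountNo, d.balance, i.balance
    FROM inserted i
    LEFT JOIN deleted d ON d.accountNo = i.accountNo
    WHERE d.accountNo IS NULL OR d.balance <> i.balance;   -- skip no-op updates
END
GO

-- Constructed activity: a three-row insert and a two-row update, one statement each.
INSERT INTO dbo.Account VALUES (101, 500), (102, 750), (103, 20);
UPDATE dbo.Account SET balance = balance * 1.10 WHERE accountNo IN (101, 102);

-- One audit row per affected row in both statements, with old and new values.
SELECT accountNo, oldBalance, newBalance, changedBy, changedAt
FROM dbo.AccountAudit
ORDER BY auditId;
```

Two things matter for an audit trail that is meant to be trusted: the trigger must never touch only the "first" row of INSERTED or DELETED, and the audit table should be writable by the trigger's owner only, so the principals being audited cannot edit their own history.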
