New User Special Price Expires in

Let's log you in.

Sign in with Facebook


Don't have a StudySoup account? Create one here!


Create a StudySoup account

Be part of our community, it's free to join!

Sign up with Facebook


Create your account
By creating an account you agree to StudySoup's terms and conditions and privacy policy

Already have a StudySoup account? Login here

Computer Security

by: Nick Rowe

Computer Security CS 42600

Nick Rowe
GPA 3.68


Almost Ready


These notes were just uploaded, and will be ready to view shortly.

Purchase these notes here, or revisit this page.

Either way, we'll remind you when they're ready :)

Preview These Notes for FREE

Get a free preview of these Notes, just enter your email below.

Unlock Preview
Unlock Preview

Preview these materials now for free

Why put in your email? Get access to more of this material and other relevant free materials for your school

View Preview

About this Document

Class Notes
25 ?




Popular in Course

Popular in ComputerScienence

This 36 page Class Notes was uploaded by Nick Rowe on Saturday September 19, 2015. The Class Notes belongs to CS 42600 at Purdue University taught by Staff in Fall. Since its upload, it has received 57 views. For similar materials see /class/208088/cs-42600-purdue-university in ComputerScienence at Purdue University.

Similar to CS 42600 at Purdue

Popular in ComputerScienence


Reviews for Computer Security


Report this Material


What is Karma?


Karma is the currency of StudySoup.

You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!

Date Created: 09/19/15
Computer Security CS 426 Lecture 29 Review and DBMS Security Review of Web Application Security Issues SQL Injection caused by using user inputs to form SQL queries should use prepare statement eg PreparedStatement in Java using input validation andor quotation helps but less bulletproof for legacy code can use eg query structure checking Cross Site Scripting caused by using user inputs to generate HTML pages inputs may contain malicious scripts should process user input before using it use input checking helps but less bulletproof CS426 Fall 2007Lecture 29 Review of Web Application Security Issues Cross Site Request Forgery caused by using cookie as the only authentication mechanism use additional authentication mechanism hidden fields etc CS426 Fall 2007Lecture 29 Final Exam Topics Topics in Lecture 10 or later Discretionary Access Control Mandatory Access Control Multilevel Security Assurance Integrity Protection RBAC Cryprography Network Security Web security Be familiar with quizs and homeworks CS426 Fall 2007Lecture 29 DBMS Security Issues Users and authentication Secure communication between client and server Vulnerabilities of DBMS implementation eg SQL Slammer worm limit who can connect to DBMS server CS426 Fall 2007Lecture 29 Basics Data are modeled as tables relations Each database may contain many tables and their de nitions Multiple users may use the same DBMS and have different privileges CS426 Fall 2007Lecture 29 Access Control Mechanisms Key features for access controls in DBMS Privileges Views Stored Procedures Roles ROW level access control P HeWN CS426 Fall 2007Lecture 29 Privileges 39 System privilege A right to perform a particular action or to perform an action on any schema objects of a particular type E g ALTER DATABASE and SELECT ANY TABLE Object privilege A right to perform a particular action on a speci c schema object such as tables views procedures and types Eg SELECT INSERT UPDATE DELETE CS426 Fall 2007Lecture 29 8 GrantRevoke Privileges 0 System privileges GRANT create table TO Bob XITH ADMIN OPTION REVOKE create table FROM Bob Users with ADMIN OPTION can not only grant the privilege to other users but also revoke the privilege from any user Object privileges GRANT select ON tablel TO Bob XITH GRANT OPTION REVOKE select ON tablel FROM Bob Users who revokes a particular object privileges must be the direct grantor of the privilege There is alwayr a cascading effect when an object privilege is revoked CS426 Fall 2007Lecture 29 Cascading Effect There is no timestamp for privileges Revocation ie cascading effect is coarse CS426 Fall 2007Lecture 29 10 Views Access control based on column and content EmployeeEmpID name deptID salary Want to allow employees to see only deptlD salary CREATE VIEW Viewname AS select deptlD salary from Employee Grant select privileges to employees CS426 Fall 2007Lecture 29 1 1 Views To create a view The creator must have been explicitly ie not through roles granted one of SELECT INSERT UPDATE or DELETE object privileges on all base object underlying the view or corresponding system privileges To grant access to the view The creator must have been granted the privileges to the base tables with Grant Option To access the view The creator must have the proper privilege to the underlying base tables CS426 Fall 2007Lecture 29 12 Stored Procedures Two types of procedures in terms of access control Definer s right procedures lnvoker s right procedures De ner s right procedures A user of a definer s right procedure requires only the privilege to execute the procedure and no privileges on the underlying objects that the procedure access Fewer privileges have to be granted to users resulting in tighter control of database access At runtime the privileges of the owner are always checked CS426 Fall 2007Lecture 29 13 De ner s Right Procedure 39 A user With Create Procedure privilege can effectively share any privilege he she owns With other users Without grant option Just create a definer s right procedure that uses a privilege Then grant Execute privilege to others Create Procedure privilege is very powerful When one grants Execute privilege the system does not check if all the necessary privileges are in fact grantable CS426 Fall 2007Lecture 29 14 Invoker 5 Right Procedure Invoker s right procedures A user of an invoker s right procedure needs privileges on the objects that the procedure accesses lnvoker s right procedures can prevent illegal privilege sharing More like function calls in operating systems CS426 Fall 2007Lecture 29 15 Invoker 5 Right Procedure 39 Invoker s right procedures can be embedded with Trojan Horse Users of invoker s right procedures can blindly run malicious procedures Eg create procedure niceProcedure Authid CurrentUser As Begin Do something useful grant some privileges to me Do something useful End CS426 Fall 2007Lecture 29 16 Why use Roles Two main purposes 1 To manage the privileges for a user group User roles DBA creates a role for a group of users with common privilege requirements DBA grants all the required privileges to a role and then grants the role to appropriate users 2 To manage the privileges for an application Application roles DBA creates a role or a set of roles for an application and grants it all necessary privileges to run the application Then DBA grants the application role to appropriate users CS426 Fall 2007Lecture 29 17 Application Roles 0 How can we secure application roles That is we want application roles to be used only through the associated applications Use a password for the application role and embed the password in the application Then the role can be enabled only by the application Associate the application role with the application ie a package Then the role can be enabled only by a module in the application CS426 Fall 2007Lecture 29 18 User Assignments To grant a role to a user one needs to have the Grant Any Role system privilege or have been granted the role With Admin Option GRANT ROLE clerk TO Alice To revoke a role from a user one needs to have the Grant Any Role system privilege or have been granted the role With Admin Option REVOICE ROLE clerk FROM Alice Users cannot revoke a role from themselves CS426 Fall 2007Lecture 29 19 Permission Assignments 0 To grant a privilege to a role one just needs to be able to grant the privilege GRANT insert ON tablel TO clerk To revoke a privilege from a role one just needs to be able to revoke the privilege REVOKE insert ON tablel FROM clerk 0 No special admin privilege is required It can be a problem since one can make a role unusable by granting many roles to the role to exceed MAXENABLEDROLES 0 Grant Option is not valid when granting an object privilege to a role To prevent the propagation of object privileges through roles CS426 Fall 2007Lecture 29 20 VPD How does it work When a user accesses a table or view or synonym which is protected by a VPD policy function 1 The Oracle server invokes the policy function 2 The policy function returns a predicate based on session attributes or database contents 3 The server dynamically rewrites the submitted query by appending the returned predicate to the WHERE clause 4 The modi ed SQL query is executed CS426 Fall 2007Lecture 29 21 Example Suppose Alice has the following table 3 Employees eid number2 name varchar210 salary nubmer3 eid Name Salary 1 A lice 80 2 Bob 60 3 COM 99 Users can access eid s and names Without any restriction But users can access only their own salary information 08426 Fall 2007Lecture 29 22 Example 1 Create a policy function Create function secfunctronpschema varcharZ pobj varcharZ Return varcharZ As user VARCHAR2100 Begin user SYSCONTEXT userenV SESSIONUSER return name I user end if End CS426 Fall 2007Lecture 29 23 Example 2 Attach the policy function to Employees execute dbmsrlsaddpolicy objectschema gt Alice objectname gt employees policyname gt mypolicy functionschema gt Alice policyfunction gt secfunction secrelevantcols gt salary CS426 Fall 2007Lecture 29 24 3 Bob accesses table Employees select eid name from Employee 6 id Name Alice Bob Car39l cumAl select eid name salary from Employee 9 select eid name salary from Employee Where name 2 Bob I eid I Name I Salary I 2 Bob I 60 CS426 Fall 2007Lecture 29 25 Coming Attractions December 12 Final Exam E C3426 Computer Security CS 426 Lecture 13 J MultiIevel Security Fall 2007Lecture 13 Announcements Project due on Thursday October 4th Midterm exam on Thursday October 18th Collegiate Cyber Defense Competition state optional regional national 2007 participants in Mid West Indiana Tech IN Jackson Community College Ml Baker College Ml Madison Area Technical College WI DePaul University IL 08426 Fall 2007Lecture 13 Review Access Control Concepts Access Matrices Users Principals Subjects Objects Rights Access Control Lists Capabilities Security Enhanced Linux SubDomainAppArmor UMIP CS426 Fall 2007Lecture 13 Review Discretionary Access Control CS426 No precise definition Basically DAC allows access rights to be propagated at subject s discretion often has the notion of owner of an object used in UNIX Windows etc quotA means of restricting access to objects based on the identity and needto know of users andor groups to Which the object belongs Controls are discretionary in the sense that a subject With a certain access permission is capable of passing that permission directly or indirectly to any other subject Fall 2007Lecture 13 4 Mandatory Access Control Mandatory access controls MAC restrict the access of subjects to objects based on a systemwide policy denying users full control overthe access to resources that they create The system security policy as set by the administrator entirely determines the access rights granted CS426 Fall 2007Lecture 13 BellLaPadula Model A MAC Model for Achieving Multilevel Security Introduce in 1973 Air Force was concerned with security in time sharing systems Many 08 bugs Accidental misuse Main Objective Enable one to formally show that a computer system can securely process classified information 08426 Fall 2007Lecture 13 Basic Idea There are security classifications or security levels Usersprincipalssubjects have security clearances Objects have security classifications Example Top Secret Secret Confidential Unclassified In this case Top Secret gt Secret gt Confidential gt Unclassified Security goal confidentiality ensures that information do not flow to those not cleared for that level CS426 Fall 2007Lecture 13 7 What is a Security Model A model describes the system eg a high level specification or an abstract machine description of what the system does A security policy defines the security requirements for a given system Verification shows that a policy is satisfied by a system System Model Security Policy Security Model 08426 Fall 2007Lecture 13 8 Methodology in the BLP Security Model Define an abstract model that can be used to describe computer systems the model Define what does it mean for a system in the model to be secure the policy Develop techniques to prove that a system in the model is secure CS426 Fall 2007Lecture 13 9


Buy Material

Are you sure you want to buy this material for

25 Karma

Buy Material

BOOM! Enjoy Your Free Notes!

We've added these Notes to your profile, click here to view them now.


You're already Subscribed!

Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'

Why people love StudySoup

Jim McGreen Ohio University

"Knowing I can count on the Elite Notetaker in my class allows me to focus on what the professor is saying instead of just scribbling notes the whole time and falling behind."

Janice Dongeun University of Washington

"I used the money I made selling my notes & study guides to pay for spring break in Olympia, Washington...which was Sweet!"

Bentley McCaw University of Florida

"I was shooting for a perfect 4.0 GPA this semester. Having StudySoup as a study aid was critical to helping me achieve my goal...and I nailed it!"


"Their 'Elite Notetakers' are making over $1,200/month in sales by creating high quality content that helps their classmates in a time of need."

Become an Elite Notetaker and start selling your notes online!

Refund Policy


All subscriptions to StudySoup are paid in full at the time of subscribing. To change your credit card information or to cancel your subscription, go to "Edit Settings". All credit card information will be available there. If you should decide to cancel your subscription, it will continue to be valid until the next payment period, as all payments for the current period were made in advance. For special circumstances, please email


StudySoup has more than 1 million course-specific study resources to help students study smarter. If you’re having trouble finding what you’re looking for, our customer support team can help you find what you need! Feel free to contact them here:

Recurring Subscriptions: If you have canceled your recurring subscription on the day of renewal and have not downloaded any documents, you may request a refund by submitting an email to

Satisfaction Guarantee: If you’re not satisfied with your subscription, you can contact us for further help. Contact must be made within 3 business days of your subscription purchase and your refund request will be subject for review.

Please Note: Refunds can never be provided more than 30 days after the initial purchase date regardless of your activity on the site.