» » » » » KEAMANAN DATABASE

KEAMANAN DATABASE

, , , Edit
Penyerangan Database
  • Informasi sensitif yang tersimpan di dalam database dapat terbuka (disclosed) bagi orang‐orang yang tidak diizinkan (unauthorized ). 
  • Informasi sensitif yang tersimpan di dalam database dapat altered in an unacceptable manner  
  • Informasi sensitif yang tersimpan di dalam database dapat inaccessible bagi orang‐orang yang diizinkan.  
  • the underlying operating system may be attacked ‐‐ most difficult problem
Database Inference Problem
  • Malicious attacker may infer sensitive information (that is hidden) from information on adatabase that is deemed not sensitive (made public)  
  • More difficult problem: attacker may infer information combining what’s on the database with what is already known
Database Aggregation Problem
  • Bagian‐bagian informasi tidak sensitive, dan menjadi sensitive ketika digabungkan secarabersamaan.  
  • Controls for the aggregation problem  
    • Honeywell LOCK Data Views (LDV) database system ; pieces of data labeled as 
    • SRI SeaView database system ; pieces of data labeled as sensitive, aggregates may nonsensitive, aggregates labeled as sensitive then be labeled as non sensitive
Polyinstantiation, a Control Against Disclosure
  • This approach involves different views of a database object existing for users with differentsecurity attributes  
  • Addresses the aggregation problem by providing different security labels to different aggregates separately  
  • Addresses the inference problem by providing a means for hiding information that may be used to make inferences
Database Applications on Secure Bases
  • Most database applications rely on underlying services of an operating system
  • Exporting these servicesfroma TCB would enhance the security ofthe database  
    • database keys implemented using security labels from underlying TCB  
    • TCB keeps audit records of operations on database  
    • OS file system protection extended to database

Untuk lebih lanjutnya silahkan buka link dibawah ini. karena materi ini saya simpan di google drive agar anda dapat dengan mudah melihat maupun mendownloadnya dan materi ini saya dapatkan saya masih SMK dulu, biar bermanfaat saya bagikan materinya.

Download

Baca juga artikel dibawah ini karena artikel ini juga berkaitan dengan artikel diatas :


Subscribe to receive free email updates:

0 Response to "KEAMANAN DATABASE "

Post a Comment

Subscribe to: Post Comments (Atom)