Comparative Study of Data Security in Some Database Management Systems
Comparative study of DATA SECURITY IN some database MANAGEMENT SYSTEMS
by
JiaLiang Mao
A Minor Thesis
Submitted in partial fulfillment of the requirements for the degree of
Master of Science in Computer Science
Supervisor:
Dr. Dat Dac Hoang
Victoria University – Sydney City Centre (October, 2012)
RCM6104,RCM6105
Abstract
Recently, database management systems (DBMSs) have become a main component of various kinds of dynamic web and applications. In these DBMSs, there might be stored some significant, sensitive and classified data. The developments of theory and technology in databases have become urgent needs for achieving database system security. Currently there are many DBMSs for users to choose. Therefore it becomes an important issue for people to decide how to choose a suitable database system. This thesis researches some mainstream database systems to compare their security performances, structures, security strategies.
Statement of Originality
I certify that this thesis contains no material which has been accepted for the award of any other degree or diploma in any institute, college or university, and that, to the best of my knowledge and belief, it contains no material previously published or written by another person, except where due references is made in the text of the thesis.
-----------------------------
JiaLiang Mao
October, 2012
Table of Contents
Abstract iii
Statement of Originality iv
Table of Contents v
List of Figures viii
List of Tables ix
Chapter 1 Introduction 1 1.1 Aim and Objectives 1 1.2 Thesis Organization 2
Chapter 2 Background 3 2.1 Comparison of a Variety of DBMSs 4 2.1.1 Microsoft SQL Server 2008 R2 4 2.1.2 MySQL 4 2.1.3 Oracle 11g 5 2.2 Control Access 6 2.2.1 Traditional Database System Access Control 7 2.2.2 Role-Based Access Control 8 2.2.3 Usage Control Access 8 2.3 Encryption 9 2.3.1 Symmetric Key Encryption 9 2.3.2 Asymmetric Key Encryption 9 2.3.3
by
JiaLiang Mao
A Minor Thesis
Submitted in partial fulfillment of the requirements for the degree of
Master of Science in Computer Science
Supervisor:
Dr. Dat Dac Hoang
Victoria University – Sydney City Centre (October, 2012)
RCM6104,RCM6105
Abstract
Recently, database management systems (DBMSs) have become a main component of various kinds of dynamic web and applications. In these DBMSs, there might be stored some significant, sensitive and classified data. The developments of theory and technology in databases have become urgent needs for achieving database system security. Currently there are many DBMSs for users to choose. Therefore it becomes an important issue for people to decide how to choose a suitable database system. This thesis researches some mainstream database systems to compare their security performances, structures, security strategies.
Statement of Originality
I certify that this thesis contains no material which has been accepted for the award of any other degree or diploma in any institute, college or university, and that, to the best of my knowledge and belief, it contains no material previously published or written by another person, except where due references is made in the text of the thesis.
-----------------------------
JiaLiang Mao
October, 2012
Table of Contents
Abstract iii
Statement of Originality iv
Table of Contents v
List of Figures viii
List of Tables ix
Chapter 1 Introduction 1 1.1 Aim and Objectives 1 1.2 Thesis Organization 2
Chapter 2 Background 3 2.1 Comparison of a Variety of DBMSs 4 2.1.1 Microsoft SQL Server 2008 R2 4 2.1.2 MySQL 4 2.1.3 Oracle 11g 5 2.2 Control Access 6 2.2.1 Traditional Database System Access Control 7 2.2.2 Role-Based Access Control 8 2.2.3 Usage Control Access 8 2.3 Encryption 9 2.3.1 Symmetric Key Encryption 9 2.3.2 Asymmetric Key Encryption 9 2.3.3
References: Anwar Pasha Abdul Gafoor Deshmukh, R. Q. (2011). "Transparent Data Encryption- Solution for Security of Database Contents." (IJACSA) International Jounal of Advanced Computer Science and Applications Vol. 2, No.3. B.Navathe, R. E. a. S. (2003). Fundamentals of database systems, Pearson Education, Inc: 735. B.Navathe, R. E. a. S. (2003). Fundamentals of database systems, Pearson Education, Inc: 744. Baron Schwartz, P. Z., Vadim Tkachenko,Jeremy D.Zawodny, Arjen Lentz & Derek J.Balling (June 2008). High Performance MySQL. Taipei, O 'REILLY. Craig, M. a. (2002). Database administration: the complete guide to practices and procedures, Addison-Wesley: 703. Database, O. (2011). "Online Documentation 11g Release 2 (11.2)." from http://www.oracle.com/pls/db112/portal.portal_db?selected=11. David Litchfield, C. A., John Heasman, Bill Grindlay (2005). The Dtabase Hacker 's Handbook Defending Database Servers, While Publishing, Inc. G.Taylor, A. (2010). SQL For Dummies, Wiley Publishing,Inc. Lan Abramson, M. A., Michael J.Corey, Michelle Malcher (2009). Oracle database 11g A beginner 's guide. New York, Mc Graw Hill. MSDN. (2010). "Use SQL Server Management Studio." from http://msdn.microsoft.com/en-us/library/ms174173.aspx. MySQL. (2010). "DownLoad MySQL Installer." from http://www.mysql.com/downloads/installer/. MySQL. (2010). "MySQL Workbench 5.2." from http://www.mysql.com/products/workbench/. Robert Sheldon, G. M. (2005). Beginning MySQL, Wiley Publishing, INC. Samarati, R. S. S. a. P. (september 1994) "Access Control:Princiles and Practice." IEEE Communications Magazine, 4o. Samarati, R. S. S. a. P. (september 1994). "Access Control:Princiles and Practice." IEEE Communications Magazine: 44. T.Silverstein, R. R. a. P. B. a. C. G. a. A. (2010). Microsoft SQL Server 2008 R2, Paul Boger. T.Silverstein, R. R. a. P. B. a. C. G. a. A. (2011). Microsoft SQL Server 2008 R2. K. Gettman, Paul Boger: 336. T.Silverstein, R. R. a. P. B. a. C. G. a. A. (2011). Microsoft SQL Server 2008 R2, Paul Boger. Wessler, C. Z. a. C. R. a. M. (2009). Oracle 11g for Dummies, Wilcy Publishing,Inc. Zoratti, I. (2006). "MySQL Security Best Practice."