

[DB] Database Security

Database Security and Authorization Subsystem

Security and Authorization

 

DB security

  1. legal and ethical issues
  2. policy issues
  3. system-related issues
  4. security levels (multiple levels of security)

Threats to Databases

  1. Loss of integrity
  2. Loss of availability
  3. Loss of confidentiality

Countermeasures to these threats: access control, inference control, flow control, encryption

DB security : not an isolated concern

  • multiuser DB system
  • database security and authorization subsystem
    • Discretionary : discretionary security mechanism
    • Mandatory : mandatory security mechanism

Control measures

  1. Access control
  2. Inference control
  3. Flow control
  4. Data encryption

Access control : controls logging in to the system (user accounts and passwords)

Inference control : security for statistical databases (statistical DB)

Flow control : prevents covert channels (illicit secret paths through which information leaks)

Data encryption : protects sensitive data while it is transmitted over the network

 

DBA’s responsibilities

granting privileges to users

classifying users and data

  • account creation → access control
  • privilege granting → discretionary control
  • privilege revocation → discretionary control
  • security level assignment → mandatory control

Access protection and DB audits

  • account number and password
  • system log : recovery data, user account, device ID
    • tracks every operation
  • DB audit : audit trail, a log kept mainly for security purposes

Discretionary Access Control based on Granting and Revoking Privileges

authorization identifier : authorization = user = account

two levels for assigning privileges to use the DBS

  1. the account level : specifies each account's relationship to the DB and the privileges it holds
  2. the relation level : controls the privileges to access individual relations or views in the DB

The privileges at the account level and the privileges at the relation level are both defined for SQL2.

Access matrix model

  • authorization table

Grant and Revoke mechanism : giving and taking away privileges

→ GRANT <privilege> [ON <object>] TO <users>

[WITH GRANT OPTION] : the grantee may pass the privilege on to other users

→ REVOKE <privilege> [ON <object>] FROM <users>

Privileges on views : for UPDATE and INSERT, a privilege can be granted on specific attributes only, but to restrict SELECT and DELETE to part of a relation a view must be defined and the privilege granted on the view
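The access matrix (authorization table) and the GRANT / REVOKE mechanism described above, as an added example that is not part of the original notes. It models accounts, objects and privileges in Python rather than in a DBMS; the scenario (accounts A, B, C, D and a relation EMPLOYEE) is constructed, and revocation is made to cascade the way SQL's REVOKE ... CASCADE does, which goes slightly beyond what the notes state.

```python
# Added example (not from the original notes): a small model of the
# GRANT / REVOKE mechanism over an access matrix (authorization table).
# Rows are accounts, columns are objects (relations or views); each cell
# records which privileges the account holds, who granted each one and
# whether it came WITH GRANT OPTION. Revocation cascades the way SQL's
# REVOKE ... CASCADE does: privileges that were only grantable because of
# the revoked grant are withdrawn as well.
from dataclasses import dataclass


class AuthorizationError(Exception):
    """Raised when an account attempts a GRANT or REVOKE it is not entitled to."""


@dataclass(frozen=True)
class Entry:
    privilege: str       # e.g. "SELECT", "UPDATE"
    grantor: str         # account that issued the GRANT
    grant_option: bool   # True when granted WITH GRANT OPTION


class AccessMatrix:
    def __init__(self):
        self.owner = {}    # object -> account that created it
        self.matrix = {}   # account -> object -> set of Entry

    def create(self, account, obj):
        # The creator owns the object and implicitly holds every privilege
        # on it with grant option.
        self.owner[obj] = account

    def cell(self, account, obj):
        return self.matrix.setdefault(account, {}).setdefault(obj, set())

    def has(self, account, obj, privilege):
        if self.owner.get(obj) == account:
            return True
        return any(e.privilege == privilege for e in self.cell(account, obj))

    def can_grant(self, account, obj, privilege):
        if self.owner.get(obj) == account:
            return True
        return any(e.privilege == privilege and e.grant_option
                   for e in self.cell(account, obj))

    def grant(self, grantor, privilege, obj, grantee, grant_option=False):
        # GRANT <privilege> ON <obj> TO <grantee> [WITH GRANT OPTION]
        if not self.can_grant(grantor, obj, privilege):
            raise AuthorizationError(f"{grantor} may not grant {privilege} on {obj}")
        self.cell(grantee, obj).add(Entry(privilege, grantor, grant_option))

    def revoke(self, revoker, privilege, obj, grantee):
        # REVOKE <privilege> ON <obj> FROM <grantee>; only the grantor of a
        # privilege can take it back.
        cell = self.cell(grantee, obj)
        mine = {e for e in cell if e.privilege == privilege and e.grantor == revoker}
        if not mine:
            raise AuthorizationError(f"{revoker} never granted {privilege} on {obj} to {grantee}")
        cell -= mine
        # Cascade: if the grantee can no longer pass the privilege on, every
        # grant it made of that privilege is revoked in turn.
        if not self.can_grant(grantee, obj, privilege):
            for account, objects in list(self.matrix.items()):
                for e in list(objects.get(obj, ())):
                    if e.privilege == privilege and e.grantor == grantee:
                        self.revoke(grantee, privilege, obj, account)


def demo():
    # Constructed scenario: A owns EMPLOYEE, passes SELECT to B with grant
    # option, B passes it to C without; then A revokes B's privilege.
    m = AccessMatrix()
    m.create("A", "EMPLOYEE")
    m.grant("A", "SELECT", "EMPLOYEE", "B", grant_option=True)
    m.grant("B", "SELECT", "EMPLOYEE", "C")
    try:
        m.grant("C", "SELECT", "EMPLOYEE", "D")   # C lacks the grant option
        c_could_grant = True
    except AuthorizationError:
        c_could_grant = False
    c_before = m.has("C", "EMPLOYEE", "SELECT")
    m.revoke("A", "SELECT", "EMPLOYEE", "B")
    return {
        "c_could_grant": c_could_grant,
        "c_before_revoke": c_before,
        "b_after_revoke": m.has("B", "EMPLOYEE", "SELECT"),
        "c_after_revoke": m.has("C", "EMPLOYEE", "SELECT"),
    }


if __name__ == "__main__":
    print(demo())
```

The point to take from the scenario is that a privilege held without the grant option stops at its holder, and that revoking a grant also removes everything that was only possible because of it, which is why audits of the authorization table have to follow the grantor chain and not just the current holders.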

 

Mandatory Access Control and Role-Based Access Control for multilevel security

 

Discretionary access control (DAC)

  • granting and revoking privileges
  • all-or-nothing method

Mandatory access control (MAC)

  • multilevel security technique applied after classification

Data Classification Scheme

  • independent control
  • data classification levels (security classes)
    • TS > S > C > U (top secret > secret > confidential > unclassified)
    • user clearance levels : the same classes
  • security enforced by matching the information levels of subjects and objects

the Bell-LaPadula Model

class(S) : clearance of subject S (user level)

class(O) : classification of object O

 

restrictions

  1. user level ≥ object level : reading allowed (no read up)
  2. user level ≤ object level : writing allowed (so that the level of existing data cannot be lowered; no write down)
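The two Bell-LaPadula restrictions, as an added example that is not part of the original notes. The ordering TS > S > C > U is the one given above; the function names and the classified sample rows are constructed for the example.

```python
# Added example (not from the original notes): the two Bell-LaPadula
# restrictions above, checked over the ordering TS > S > C > U. class(S) is
# the subject's clearance and class(O) the object's classification; the
# function names and the sample rows below are constructed for the example.
LEVELS = {"U": 0, "C": 1, "S": 2, "TS": 3}


def can_read(subject_class, object_class):
    # Restriction 1, the simple security property ("no read up"):
    # a subject may read an object only if class(S) >= class(O).
    return LEVELS[subject_class] >= LEVELS[object_class]


def can_write(subject_class, object_class):
    # Restriction 2, the star property ("no write down"):
    # a subject may write an object only if class(S) <= class(O), so data
    # can never be copied into a lower classification than it came from.
    return LEVELS[subject_class] <= LEVELS[object_class]


def allowed_operations(subject_class, object_class):
    """Operations a subject of one class may perform on an object of another."""
    ops = []
    if can_read(subject_class, object_class):
        ops.append("read")
    if can_write(subject_class, object_class):
        ops.append("write")
    return ops


def readable_rows(subject_class, rows):
    # Multilevel relation: each row carries its own classification, and a
    # query returns only the rows the subject is cleared to read.
    return [row for row, row_class in rows if can_read(subject_class, row_class)]


# Constructed sample data: (row, classification of that row)
EMPLOYEE_ROWS = [
    ({"name": "alice", "dept": "research"}, "U"),
    ({"name": "bob", "dept": "admin"}, "C"),
    ({"name": "carol", "dept": "research"}, "S"),
    ({"name": "dave", "dept": "ops"}, "TS"),
]


if __name__ == "__main__":
    for s in LEVELS:
        print(s, allowed_operations(s, "S"),
              [r["name"] for r in readable_rows(s, EMPLOYEE_ROWS)])
```

Note that only a subject whose clearance equals the object's class gets both operations; a TS user may read a U row but may not write to it, which is exactly the property that stops a cleared user from leaking data into a lower-level table.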

Role-Based Access Control

RBAC : manages large-scale systems

  • permissions are associated with roles, and users are assigned to appropriate roles
  • CREATE ROLE and DESTROY ROLE commands
  • RBAC can be used together with DAC and MAC
  • only users who hold the privilege through an assigned role get access to the given data or resource

Threats to a DB system

  1. SQL injection
  2. Unauthorized privilege escalation
  3. Privilege abuse
  4. Denial of service (DoS)
  5. Weak authentication

 

SQL injection methods

injecting strings into SQL statements to change their behaviour

SQL manipulation attacks, code injection, function call injection

 

 

Risks associated with SQL injection

  • database fingerprinting
  • denial of service
  • bypassing authentication
  • identifying injectable parameters
  • remote command execution
  • performing privilege escalation

Protection techniques against SQL injection

  • Bind Variables (using parameterized statements)
  • Filtering Input (input validation)
  • Function Security
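The first two protection techniques side by side, as an added example that is not part of the original notes. The employee table, its rows and the sample input are constructed here, and sqlite3 from the Python standard library stands in for the DBMS; the function names are this example's own.

```python
# Added example (not from the original notes): bind variables and input
# filtering in practice. The table, rows and the sample input are
# constructed here; sqlite3 from the standard library stands in for the DBMS.
import sqlite3


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE employee (name TEXT, dept TEXT, salary INTEGER)")
    conn.executemany(
        "INSERT INTO employee VALUES (?, ?, ?)",
        [("alice", "research", 80000), ("bob", "admin", 60000), ("carol", "research", 75000)],
    )
    return conn


def lookup_vulnerable(conn, name):
    # SQL manipulation surface: the input is concatenated into the statement
    # text, so a string containing quotes changes the WHERE clause itself.
    sql = "SELECT name, dept FROM employee WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_bound(conn, name):
    # Bind variable: the statement is fixed and the value is sent separately,
    # so whatever the string contains is compared as data, never parsed as SQL.
    return conn.execute(
        "SELECT name, dept FROM employee WHERE name = ?", (name,)
    ).fetchall()


ALLOWED_SORT_COLUMNS = {"name", "dept", "salary"}


def lookup_sorted(conn, dept, sort_column):
    # Filtering input: identifiers cannot be bound, so the sort column is
    # validated against an allow-list before it is interpolated; the value
    # part of the query is still a bind variable.
    if sort_column not in ALLOWED_SORT_COLUMNS:
        raise ValueError(f"unexpected sort column: {sort_column!r}")
    sql = f"SELECT name FROM employee WHERE dept = ? ORDER BY {sort_column}"
    return [row[0] for row in conn.execute(sql, (dept,)).fetchall()]


def demo(user_input="' OR '1'='1"):
    # The same constructed input through both lookups: the concatenated
    # version returns every employee, the bound version returns nothing,
    # because no employee is literally named "' OR '1'='1".
    conn = make_db()
    return {
        "vulnerable_rows": len(lookup_vulnerable(conn, user_input)),
        "bound_rows": len(lookup_bound(conn, user_input)),
    }


if __name__ == "__main__":
    print(demo())
```

The split between the two techniques matters: bind variables cover values, but table and column names, sort orders and similar identifiers cannot be passed as parameters, so those must be filtered against an allow-list, as lookup_sorted does. Escaping quotes by hand is not a substitute for either.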

Data encryption

 

Data Encryption Standard : DES

provides end-to-end encryption between the sender and receiver

hybrid scheme of

  • substitution procedure : characters are substituted according to the encryption key
  • permutation : rearranges the characters

for 16 cycles (rounds)

implemented in hardware or software

 

Block encryption technique

divides the text into 64-bit blocks of plaintext

56-bit key

 

AES : Advanced Encryption Standard

  • can use keys of 128, 192, or 256 bits

Symmetric Key Algorithms

a secret key algorithm : the same secret key encrypts and decrypts the content

Public (Asymmetric) Key Encryption

  • encryption key : public (open) key
  • decryption key : private (secret) key
  • deriving the encryption key from the decryption key = possible
  • deriving the decryption key from the encryption key = infeasible

the RSA public key Encryption Algorithm

  • RSA scheme : named after its inventors (Rivest, Shamir, Adleman)
  • relies on prime numbers and the difficulty of prime factorization
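Textbook RSA with small primes, as an added example that is not part of the original notes, to show where the prime numbers and factoring come in and why the private exponent cannot be derived from the public key at real key sizes. The primes 61 and 53 and the exponent 17 are constructed toy values; the function names are this example's own. The signing pair at the end uses the same keys the other way round, which is the basis of the digital signatures mentioned below.

```python
# Added example (not from the original notes): textbook RSA with small
# constructed primes. Real keys use primes of hundreds of digits; the sizes
# here are for illustration only.
from math import gcd


def generate_keypair(p, q, e=17):
    # n = p*q is public; phi(n) = (p-1)(q-1) is computable only from the primes.
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)  # private exponent: modular inverse of e (Python 3.8+)
    return (n, e), (n, d)  # (public key, private key)


def encrypt(public_key, m):
    # Anyone holding the public key can encrypt: c = m^e mod n
    n, e = public_key
    return pow(m, e, n)


def decrypt(private_key, c):
    # Only the holder of d can decrypt: m = c^d mod n
    n, d = private_key
    return pow(c, d, n)


def sign(private_key, m):
    # Signing uses the keys the other way round: the private exponent produces
    # the signature, and anyone with the public key can check it.
    n, d = private_key
    return pow(m, d, n)


def verify(public_key, m, signature):
    n, e = public_key
    return pow(signature, e, n) == m


def private_exponent_from_public(public_key):
    # The only known route from e to d is factoring n. Trial division handles a
    # toy modulus instantly; at real key sizes it is infeasible, which is why the
    # notes say the decryption key cannot be inferred from the encryption key.
    n, e = public_key
    p = next(x for x in range(2, int(n ** 0.5) + 1) if n % x == 0)
    q = n // p
    return pow(e, -1, (p - 1) * (q - 1))


if __name__ == "__main__":
    public, private = generate_keypair(61, 53)
    c = encrypt(public, 65)
    print(public, private, c, decrypt(private, c))
```

With p = 61 and q = 53 the modulus is 3233 and the private exponent for e = 17 is 2753; encrypting 65 gives 2790 and decrypting 2790 returns 65. Raw RSA on bare integers like this is only a demonstration of the arithmetic; deployed systems add padding and hash the message before signing.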

 

Digital Signatures and Certificates