Day 19: Database Security and Authorization

Hello Dear Students,
  Hope you are all doing well.

Today we will study database security and authorization.

Let's get started....

DATABASE SECURITY - 'Security' basically means protection. So database security means protecting the database from crashes, theft, damage, etc. A database is a collection of data, and many mechanisms are used to secure that data.
First we will study who or what can damage a database, and then we will study its security mechanisms.

A database can be damaged by-
  1. System crash
  2. Power failures
  3. Natural disasters
  4. Intentional damage by a user
  5. Data theft
  6. File corruption, and so on.

DATABASE SECURITY MECHANISMS - There are various mechanisms that we can use to secure our database, and these are as follows-
  1. Authorization
  2. Authentication
  3. Access Control
  4. DBA
  5. Privileges
  6. Database Roles
  7. Views
  8. Data Encryption
  9. Data Integrity

1. AUTHORIZATION - Authorization means giving a user authority over some specific data; only someone who holds that authority can access that specific data. Mostly the DBA is the authorizer. Each user who is given authority can access the data in a different way. For example, if a user has only read authority, then that user can only read and cannot make updates. In the same way, every user can access the data only according to the authority that user holds.

2. AUTHENTICATION - Authentication and authorization are different terms. Authentication simply means identification. In authentication, it is checked whether the user making a request is the correct user or not. For example, authentication is done with the help of a login password: if the login password is correct, the user is authenticated and identified as the correct user, and if the login details are incorrect, that person is an incorrect user and will not be able to access the data.

3. ACCESS CONTROL - Access control means specifying which user can access which data. Access control is also basically about providing authority. For example, in a company the CEO can access all of the company's details, but a manager can access only the employees' data. So access control is a database security mechanism that lets only authorized persons access the data.

4. DBA - DBA stands for Database Administrator. The DBA is a person or group of persons who manage and control the database. The DBA's main responsibility is to keep the database secure. So, to provide database security, the DBA handles authorization and privileges for users, granting and revoking them; all of this is the DBA's responsibility.

5. PRIVILEGES - Privileges means giving users 'rights' to create, manipulate and access data. Granting these privileges is mostly the DBA's responsibility. There are 2 ways to grant privileges to users-
  1. Give the rights to access the data directly to the user, or
  2. Make a group of related privileges, which is called a role; grant the privileges to the role and then grant that role to users.
Privileges are of 2 types-
  • System Privileges - Also known as account-level privileges. These are: create table, create session, create view, change roles, etc.
  • Object Privileges - Also known as table-level privileges. These are: select, insert, update, delete, etc.

6. DATABASE ROLES - A group of related privileges is created, and this group is called a role. Granting and revoking access for multiple users becomes a complex task for the DBA, so roles are used to grant and revoke access for multiple users. Different roles are created for different access permissions, so it is easy to grant and revoke access for specific groups of users.

7. VIEWS - Views are virtual tables, meaning they basically mirror the base tables and do not themselves exist in the database as stored tables. So, when permission has to be granted to a user, it is granted on views instead of on base tables. If the base table is destroyed, then the view cannot be accessed either, and an error is shown when someone tries to access the view. Views are like shadows of the original base table. So this is a very powerful security mechanism, because the user is never given access to the base table.
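
The two ways of granting privileges, roles and views from points 5 to 7, put together in one script. This is an added example, not part of the original notes; it assumes PostgreSQL syntax, and the table, view, role and user names are hypothetical.

```sql
-- Added example (PostgreSQL syntax assumed); all names below are hypothetical.
CREATE TABLE employees (
    emp_id     INTEGER PRIMARY KEY,
    name       TEXT NOT NULL,
    department TEXT NOT NULL,
    salary     NUMERIC(10,2) NOT NULL
);

-- Users that will receive access (in PostgreSQL a user is a role with LOGIN).
CREATE ROLE asha  LOGIN;
CREATE ROLE ravi  LOGIN;
CREATE ROLE meena LOGIN;

-- Way 1: grant an object privilege directly to one user (read-only access).
GRANT SELECT ON employees TO asha;
-- asha can now run SELECT on employees; an UPDATE by asha is refused
-- with "permission denied" because that right was never granted.

-- Way 2: collect related privileges in a role, then grant the role to users.
CREATE ROLE hr_clerk NOLOGIN;
GRANT SELECT, INSERT, UPDATE ON employees TO hr_clerk;
GRANT hr_clerk TO ravi, meena;

-- One REVOKE on the role changes access for every member at once.
REVOKE UPDATE ON employees FROM hr_clerk;

-- Removing a user from the role takes away everything the role gave.
REVOKE hr_clerk FROM meena;

-- View: expose only the non-sensitive columns and grant on the view,
-- not on the base table.
CREATE VIEW employee_directory AS
    SELECT emp_id, name, department
    FROM employees;

CREATE ROLE manager NOLOGIN;
GRANT SELECT ON employee_directory TO manager;
-- Members of manager can read employee_directory, but have no privilege
-- on employees, so the salary column stays out of reach.

-- Audit check: list who holds which privilege on these two objects.
SELECT grantee, table_name, privilege_type
FROM information_schema.table_privileges
WHERE table_name IN ('employees', 'employee_directory')
ORDER BY grantee, table_name, privilege_type;
```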

8. DATA ENCRYPTION - Data encryption is a basic security mechanism. Encrypting data means hiding it from unauthorized users and making it not understandable to them, so that security is provided. Data encryption is a technique in which data is encoded and then transmitted. When it is received, the data is decoded. In this technique, encryption keys are used for encoding and decoding. When data is in encrypted form, it is not understandable to anyone, so it cannot be stolen in a usable form, and thus encryption provides security to the data. The various keys are-
  • Public key - The public key is available publicly to everyone and is not meant for one particular individual only. Basically, the public key is used only to encrypt data and cannot decrypt it.
  • Private key - The private key is only for a particular individual and is not available publicly to everyone. Basically, the private key is used to decrypt data.
Let us understand the basic question that gets asked about public and private keys-

If A wants to send a private message to B, then-
  • Encryption is done by A using B's public key.
  • When B receives that message, B decrypts it using B's own private key.
The person sending the message sends it only after encrypting it, and to encrypt it the sender uses the receiver's public key; the person who receives the message uses his or her own private key to decrypt it.

So, this is the main point, example or topic which you have to understand.

9. DATA INTEGRITY - Data integrity means the accuracy or correctness of the data in the database. When multiple users update or modify data, problems with data integrity arise. For example, an age of 30 years is to be entered and 300 years is entered by mistake, or there is a power failure while data is being updated, and so on. So, to maintain data integrity, there are integrity constraints, like-
  1. Domain Integrity Rules - Domain means the set of legal values, that is, the values must be true/possible ones. For example, for Gender the values are Male or Female, so these are the legal values of gender. Domain integrity ensures that the data is not incorrect.
  2. Base Table Constraints - Base table constraints basically cover key constraints: candidate key, foreign key and check constraint definitions.
  3. General Constraints - General constraints are constraints that are applied to a group of columns. For example, if the age in the age column must be between 18 and 50, we apply a general constraint, and if by mistake the age is not between 18 and 50, the data will not be accepted; this provides integrity to the data in the database.
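
The three kinds of integrity constraints above, declared on one table and exercised with good and bad rows. This is an added example, not part of the original notes; it assumes PostgreSQL syntax, the schema and rows are constructed, and the join_date/leave_date rule is a hypothetical constraint over a group of columns.

```sql
-- Added example (PostgreSQL syntax assumed); schema and rows are constructed.

-- Domain integrity: the set of legal values is declared once and reused.
CREATE DOMAIN gender_t AS TEXT
    CHECK (VALUE IN ('Male', 'Female'));

CREATE TABLE departments (
    dept_id INTEGER PRIMARY KEY,
    name    TEXT NOT NULL UNIQUE
);

CREATE TABLE staff (
    staff_id   INTEGER PRIMARY KEY,                -- primary key
    email      TEXT NOT NULL UNIQUE,               -- another candidate key
    gender     gender_t NOT NULL,                  -- domain rule
    age        INTEGER NOT NULL
               CHECK (age BETWEEN 18 AND 50),      -- the 18-50 rule from the notes
    dept_id    INTEGER NOT NULL
               REFERENCES departments (dept_id),   -- foreign key
    join_date  DATE NOT NULL,
    leave_date DATE,
    -- Constraint over a group of columns (hypothetical rule).
    CONSTRAINT leave_after_join
        CHECK (leave_date IS NULL OR leave_date >= join_date)
);

INSERT INTO departments VALUES (1, 'Accounts');

-- Accepted: every rule is satisfied.
INSERT INTO staff VALUES (1, 'a@example.com', 'Female', 30, 1, '2020-01-15', NULL);

-- Each statement below is rejected by the DBMS; run them one at a time.
-- Age typed as 300 instead of 30: fails the CHECK on age.
INSERT INTO staff VALUES (2, 'b@example.com', 'Male', 300, 1, '2021-03-01', NULL);
-- Value outside the gender domain.
INSERT INTO staff VALUES (3, 'c@example.com', 'Unknown', 25, 1, '2021-03-01', NULL);
-- Department 99 does not exist: foreign key violation.
INSERT INTO staff VALUES (4, 'd@example.com', 'Male', 25, 99, '2021-03-01', NULL);
-- Email already used by staff_id 1: candidate key (UNIQUE) violation.
INSERT INTO staff VALUES (5, 'a@example.com', 'Male', 25, 1, '2021-03-01', NULL);
-- Leaving date earlier than joining date: multi-column CHECK violation.
INSERT INTO staff VALUES (6, 'e@example.com', 'Male', 25, 1, '2021-03-01', '2020-01-01');
```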


Best of luck, students,
  Do share, subscribe and comment if you like our efforts.