Download and Preview : Database Security With Focus On Hyperion Database
Report CopyRight/DMCA Form For : Database Security With Focus On Hyperion Database
Database Security with focus on Hyperion DatabaseSupervisor Fadi Mohsen Talk Outline Changes on database security . Database security critical points Database security approaches Hyperion Database HD Security issues Conclusion .7 29 2009 F Mohsen 2 Changes on database security The security of databases has been changed because of theinvention of web Before web databases were easy to protect using the basic.access technique The attacks increased also the type of attacks changed Forexample SQL injection is the most famous attack targetingthe web based database systems the complexity of securing web based database system came.from the huge no of users accessing the web application7 29 2009 F Mohsen 3 Database security critical points The browser does not directly connect to thedatabase but instead transfer a request to a.web server So the database can t identify who isaccessing it What we have Vs What we apply Gap between DB developers and security.7 29 2009 F Mohsen 4 Database security approaches Fine grained Access Control to Web Databases MANDATORY SECURITY IN OBJECT ORIENTEDDATABASE SYSTEMS. Role Based Databases Security ObjectOriented Separation of Duty7 29 2009 F Mohsen 5 Hyperion DatabaseHyperion Enterprise is a database that.contains data that can be used to developand print reports Instead of two dimensional Hyperion DBUses three dimensional Four steps to create database . Create the Cube like create database onstandard database Outline which is create the dimensions Load the data Apply security.7 29 2009 F Mohsen 6 Hyperion DB Security ComponentsAuthentication AuthorizationUser Role basedSecurity Native directories.API Directory7 29 2009 F Mohsen 7 Authentication ScenariosFirst scenario user signs indirectly to the Hyperion.Direct authentication connectsHyperion products to availableuser directories to verify the username and password credentials entered on the Login screen .7 29 2009 F Mohsen 8 Authentication Scenarios Cont Second Scenario Signing infrom external systems 7 29 2009 F Mohsen 9. Provisioning Role Based Authorization Hyperion application security determines user access to products using the concept ofA role is a set of permissions that determines user access to product functions User directories store information about the users who can access Hyperion products Boththe Authentication and the authorization processes utilize user information .Groups are containers for users or other groups You can create and manage NativeDirectory groups from User Management Console 7 29 2009 F Mohsen 10 ConclusionSecurity faces two challenges . Is not being applied every system has it s own security capabilities but people continue un a ware or dismiss them Performance applying security has a negative impact on the performancefor example I did a conversation with a Hyperion database administratorhe told me that when the moved the security from individual application to.central security SSO the performance affected He gave me an example which is applying security to a Hyperion database used to take 5 minutes butafter that 30 minutes 7 29 2009 F Mohsen 11 References. 1 Fine grained Access Control to Web Databases Alex Roichman Ehud Gudes Department of Computer Science Department of Computer Science The Open University Raanana Israel The Open University Raanana Israel and Alexaro1 012 net il Department of Computer Science Ben Gurion University Beer Sheva IsraelEhud cs bgu ac il 2 MANDATORY SECURITY IN OBJECT ORIENTED DATABASE SYSTEMS.M B Thuraisingham The MITRE Corporation Bedford MA 01730 3 Database Security Teresa F Lunt 1 Computer Science LaboratorySRI International Menlo Park California 94025 Eduardo B FernandezDept of Computer Engineering Florida Atlantic University Boca Raton Florida 33431 4 Role Based Databases Security Object Oriented Separation of Duty Matunda Nyanchama Sylvia Osborn. email matunda sylvia csd uwo Ca October 11 1993 5 Hyperion Security Administration Guide Hyperion Release 9 3 1 http download oracle com docs ... 6 An Introduction to Hyperion Database Controller s Department 3607inistrative Services Building http www controller iastate ed... .7 29 2009 F Mohsen 12Hyperion application security determines user access to products using the concept of roles. A role is a set of permissions that determines user access to product functions. User directories store information about the users who can access Hyperion products. Both the Authentication and the authorization processes utilize user information.