Cover
Title Page
Copyright
Dedication
Contents
Preface
Chapter 1: Introduction to Information Security, Data Security, and Database Security
1.1 Information Security
Confidentiality
Integrity
Availability
1.2 Security Threats, Controls, and Requirements
Security threats
Security controls
Security requirements
1.3 Data Security
1.4 Database Security
Data confidentiality
Data integrity
Data Availability
1.5 Summary
Chapter 2: Database Design
2.1 Normalization
2.2 Surrogate Keys and Data Integrity
2.3 Normalization, Access Restrictions, and Beyond
2.4 Summary
Chapter 3: Database Management and Administration
3.1 Backup and Recovery
Backup and restore of a specific database
Backup and restore of multiple specific databases
Backup and restore of specific tables
Backup of users, privileges, and other components
Deciding what to backup
3.2 User Account Security Configurations
Password expiration
Disabling/enabling user accounts
3.3 Summary
Chapter 4: Database User Accounts
4.1. Creating and Removing Database User Accounts
4.2. Listing User Accounts
4.3 Host-Restricted Accounts
4.4 Summary
Chapter 5: Database Privileges
5.1 Overview of Privileges and Database-Level Privileges
5.2 Capability to Manage Privileges
5.3 Listing Privileges
5.4 Removing Privileges
5.5 Working with TLS and Table-Level Privileges
5.6 TLS and Normalization Revisited
5.7 Column Level Security (CLS)
5.8 CLS and Evolving Data Access Requirements and Data
The capability for CEO and CFO to read salary data
The capability for employees to see address data
The capability for executives to keep private notes in the budget table
5.9 Row Level Security
5.10 Summary
Chapter 6: Roles
6.1 Defining Role Members and Data Access Requirements
6.2 Creating a Database Role, Showing Role Privileges, and Removing a Role
6.3 Assigning Privileges to Roles
6.4 Database Users and Role
Adding and removing a database user to a role
Listing, setting, and testing a user's role
The default role
Listing privileges and roles revisited
6.5 Roles and Evolution
A new employee is hired
An employee adds a role or moves to another role
An employee leaves a role or the organization
6.6 Summary
Chapter 7: Database Security Controls for Confidentiality
7.1 Views
Concept of a view
Creating a view
Showing a list of views and a view definition
Accessing the data of a view
Security considerations of a view
Deleting and redefining views
Views and multiple data access requirements
7.2 Encryption, Decryption, and Hashing
Encryption
Decryption
Hashing
Salting
7.3 Stored Routines
Stored functions
Stored procedures
Revisiting the password authentication implementation
7.4 Summary
Chapter 8: Transactions for Data Integrity
8.1 Commits, Rollbacks, and Automatic Commits
8.2 Beginning a Transaction with COMMIT or ROLLBACK
8.3 Beginning a Transaction with START TRANSACTION
8.4 Condition Issued COMMIT or ROLLBACK
8.5 Exception Issued ROLLBACK
8.6 A Larger Demonstration of Transactions
8.7 Summary
Chapter 9: Data Integrity with Concurrent Access
9.1 Concurrent Access and Backups
9.2 Concurrent Access with DML Statements
Table-level locking
Row-level locking
UPDATE locks
SHARE locks
9.3 Deadlock
9.4 Summary
Appendix
Index