Course Code
Course Title
Course Planner
INT515
DATABASE SECURITY
15857::Nitin Umesh
Course Orientation
Lectures
3.0
TextBooks
Sr No
Title
Author
Edition
Year
Publisher Name
T-1
Afyouni Hassan A.
1st
2013
CENGAGE LEARNING
Year
Publisher Name
Reference Books
Sr No
Title
Author
Edition
R-1
Nina Godbole
1st
WILEY
Other Reading
Sr No
OR-1
https://www.owasp.org/index.php/Preventing_SQL_Injection_in_Java
OR-2
www.w3schools.com/sql/sql_injection.asp
OR-3
https://crypto.stanford.edu/cs155/papers/cowan-vulnerability.pdf
Relevant Websites
Sr No
Salient Features
RW-1
https://www.cs.purdue.edu/homes/ake/cs348/Chapter23.ppt
RW-2
dsl.serc.iisc.ernet.in/publications/conference/secncs96.ps.gz
RW-3
https://www.math.uni-bielefeld.de/ahlswede/homepage/public/234.pdf
RW-4
isaac.doctor-gabriel.com/MSIS626_Touro/OSSecurity.ppt
RW-5
www.ines-conf.org/ines-conf/59_INES2004.pdf
RW-6
https://www.owasp.org/index.php/Top_10_2013-Top_10
OWASP TOP 10
0.0
3.0
Spill Over
Week 1
Lecture 1
Security architecture
(overview of information
security(cia))
T-1:Chapter 1
Lecture 2
Security architecture
(database security and
levels)
T-1:Chapter 1
Lecture 3
Security architecture
(security methods)
T-1:Chapter 1
RW-3
Database security
methodology and its
essential aspects
Overview database security methodology
Discussion
In order to prevent
unintended activities
in database security
Lecture 4
Security architecture(asset
types and their values)
T-1:Chapter 1
R-1:Chapter 1
RW-1
Introduction of asset
types and their values
and brainstorming
Session on some hands-on projects and case
studies
Understanding of
various hands-on
projects and case
studies of database
security
Discussion
Security architecture
(overview of some hands-on
projects and case studies)
T-1:Chapter 1
R-1:Chapter 1
RW-1
Introduction of asset
types and their values
and brainstorming
Session on some hands-on projects and case
studies
Understanding of
various hands-on
projects and case
studies of database
security
Discussion
T-1:Chapter 2
Basic function of
operating system
To initiate study of operating system security fundamentals covering basic function of operating system
Discussion
Week 2
Lecture 5
Lecture Description
Creating a new
user for LPU
UMS as an
application
operating
system security
Week 2
Lecture 6
Week 3
Lecture 7
RW-4
Various authentication
modes and components
of operating system
security environment
About Database
Discussion
Authentication,
Advantages of
Database
Authentication,
Creating a User Who
is
Authenticated by the
Database, Using the
Operating System to
Authenticate Users
Various authentication
modes and components
of operating system
security environment
About Database
Discussion
Authentication,
Advantages of
Database
Authentication,
Creating a User Who
is
Authenticated by the
Database, Using the
Operating System to
Authenticate Users
Authentication
as used in SQL
Server
Study of
segregated roles
among owners,
custodians and
users w.r.t.
schema objects
Administration of users
(creating Users)
T-1:Chapter 3
Administration of users
(creating a sql server Users)
T-1:Chapter 3
Week 3
Lecture 8
Administration of users
(creating a sql server Users)
T-1:Chapter 3
Administration of users
(creating Users)
T-1:Chapter 3
Administration of users
(modifying users)
T-1:Chapter 3
T-1:Chapter 3
Dropping a User
Account, Using Data
Dictionary Views,
Listing All Users,
Listing All Tablespace
Quotas, Listing All
Profile and Assigned
Limits, Viewing
Memory Use for Each
User Session
T-1:Chapter 3
Discussion
T-1:Chapter 3
Database link
architecture and
authentication methods
Discussion
Lecture 9
Week 4
Week 5
Lecture 13
Test1
Study of
segregated roles
among owners,
custodians and
users w.r.t.
schema objects
Understanding of
database link
architecture and
authentication
methods
Facebook
account
handling
Week 5
Week 6
Week 7
T-1:Chapter 3
Understanding of database link architecture and authentication methods and Remote server
Discussion
T-1:Chapter 4
Creating profiles
through various
platforms
Importance of
defining and using
profiles
T-1:Chapter 4
T-1:Chapter 4
RW-2
Discussion and
demonstration
Discussion
Study of
segregated roles
among owners,
custodians and
users w.r.t.
schema objects
T-1:Chapter 4
Learning concept of
creating, assigning and
revoking user roles
Facebook
account
handling
T-1:Chapter 4
Learning concept of
creating, assigning and
revoking user roles
Facebook
account
handling
Preventing
unauthorized users
from any access
SPILL OVER
Week 7
Lecture 20
Spill Over
Lecture 21
Spill Over
MID-TERM
Week 8
T-1:Chapter 5
RW-5
demonstration
segregation of
user role
T-1:Chapter 5
RW-5
Various application types where security can be enforced
Concept of various application types where security can be enforced
demonstration
access models
Week 8
T-1:Chapter 5
Week 9
T-1:Chapter 5
Lecture 26
Lecture 27 Virtual private databases
(overview of virtual private
databases)
RW-5
demonstration
Role of encryption in
database security
choosing encryption
at the application
level, the database
level, or the storage
level
demonstration
storing
confidential data
Learn about
preventing or
permitting the user
from accessing data
through the
application
demonstration
Maintaining
information
about account
number to
retrieve the
salary of the
employee in
LPU UMS
Test2
T-1:Chapter 6
Introduction of virtual
private databases
T-1:Chapter 6
demonstration
T-1:Chapter 6
Implementation of
Virtual Private Database
using application
context
Application context
can be used with
fine-grained access
control as part of
Virtual Private
Database (VPD) or
by itself
demonstration
T-1:Chapter 6
T-1:
the detailed
classification of audit
will be discussed
T-1:Chapter 7
Study of open
Security Checklists
and
Recommendations
Term Paper, Test3
Discussion
Application of
Virtual Private
Database
SQL Server
offers RLS/CLS
- short for Row
Level Security /
Cell Level
Security
OR-1
RW-6
Understanding a
powerful awareness
document for web
application security
Discussion and
demonstration
OR-1
RW-6
Understanding a
powerful awareness
document for web
application security
Discussion and
demonstration
OR-1
RW-6
Understanding a
powerful awareness
document for web
application security
Discussion and
demonstration
OR-2
Study of a code
injection technique
OR-2
Study of a code
injection technique
OR-3
RW-6
OR-3
RW-6
SPILL OVER
Week 14 Lecture 41
Spill Over
Lecture 42
Spill Over
Week 15 Lecture 43
Spill Over
Lecture 44
Spill Over
Week 15 Lecture 45
Spill Over
Frequency
Test
Out Of
2
Total :-
10
20
10
20
Objective
Evaluation Mode
Allotment /
submission Week
Test1
To check the understanding as well as performance of the students based upon the concepts taught
Syllabus from week 1 to week 4
Individual
All questions of 5
marks each or in
multiples of 5
4/5
Test2
To check the understanding as well as performance of the students based upon the concepts taught
Syllabus from week 5 to week 9
Individual
7/9
Test3
To check the understanding as well as performance of the students based upon the concepts taught
Syllabus from week 10 to week 12
Individual
11 / 12