Skip to content

MohammedAhmed-01/Access-Control-and-Inference-Control-in-Database-Security

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

5 Commits
.gitignore
.gitignore
Β 
Β 
Database Security Fall 2025 Task.pdf
Database Security Fall 2025 Task.pdf
Β 
Β 
Datasecurity_Universty_DB.sql
Datasecurity_Universty_DB.sql
Β 
Β 
README.md
README.md
Β 
Β 

Repository files navigation

πŸ“Œ Access Control & Inference Control in Database Security

A practical implementation project demonstrating how to secure database systems using Access Control mechanisms and Inference Control techniques. This repository includes SQL scripts, examples, and documentation to explain how different security models work and how to protect sensitive information from direct and indirect disclosure.

πŸš€ Project Overview

This project explores two core components of database security:

  1. Access Control

Ensuring that users can only view or modify data they are authorized to access. Includes implementations of:

Role-Based Access Control (RBAC)

Discretionary Access Control (DAC)

Mandatory Access Control (MAC) (conceptual explanation)

SQL privilege management (GRANT, REVOKE)

  1. Inference Control

Protecting sensitive data from being inferred through aggregate queries or statistical techniques. Includes:

Aggregation attack examples

Tracker & differencing attacks

Query restriction rules

Secure view creation

Noise addition & anonymization concepts

🧠 What This Repository Contains

βœ”οΈ SQL scripts for creating users, roles, and privileges

βœ”οΈ Access control examples (RBAC, DAC)

βœ”οΈ Example of inference attacks and how to prevent them

βœ”οΈ Secure view creation to block sensitive queries

βœ”οΈ A complete practical assignment report

βœ”οΈ Documentation explaining each security mechanism

πŸ“ Repository Structure

. β”œβ”€β”€ access_control/

β”‚ β”œβ”€β”€ create_roles.sql

β”‚ β”œβ”€β”€ grant_permissions.sql

β”‚ β”œβ”€β”€ revoke_permissions.sql

β”‚ └── dac_rbac_examples.sql

β”‚ β”œβ”€β”€ inference_control/

β”‚ β”œβ”€β”€ aggregation_attack.sql

β”‚ β”œβ”€β”€ differencing_attack.sql

β”‚ β”œβ”€β”€ secure_views.sql

β”‚ └── query_restrictions.sql β”‚

β”œβ”€β”€ docs/

β”‚ β”œβ”€β”€ Practical_Assignment_Report.pdf

β”‚ └── Explanation.md

β”‚

└── README.md πŸ› οΈ Technologies Used

Sql Server / SSMS

SQL (Roles, Privileges, Views)

Database Security Concepts

🎯 Learning Outcomes

By using this project, students will understand how to:

Enforce fine-grained access control in databases

Prevent sensitive data leakage through inference attacks

Apply secure query design principles

Implement practical database security solutions

πŸ“ License

This project is open-source and intended for academic and learning purposes.

About

Access control and inference control are essential for protecting sensitive database information. Access control ensures users only see what they are authorized to view, while inference control prevents attackers from deducing confidential data indirectly. Implementing both mechanisms together results in a robust and secure database environment.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages