Database Security and Auditing 2005 PDF

2005

Sam Afyouni

Tags

database security, database management, information security, computer science

Summary

This document is an educational text about database security and auditing. It explores various aspects of security, including information security aspects, and database management. It details the concepts, importance, and components of an information system and its relationship to database management.

Full Transcript

Sam Afyouni, Database Security and Auditing: Protecting Data Integrity and Accessibility. Thomson. ISBN: 0-619-21559-3, 2005.

• Security violations and attacks are increasing globally.
• You serve as a database administrator to enforce security policies. Responsibilities can be:
  ◦ Design and implement a new DB security policy.
  ◦ Enforce a stringent security policy.
  ◦ Implement the functional specification of a module, i.e. encrypt the stored data, replace sensitive data using the data masking pack.

• Security measures
  ◦ Prevent physical access to the servers where the data resides.
  ◦ Operating systems require authentication of the identity of computer users.
  ◦ Implement security models that enforce security measures.
• The DBA should manage databases and implement security policies to protect the data (assets).

• Define security
• Describe an information system and its components
• Define database management system functionalities
• Outline the concept of information security
• Identify the major components of information security architecture
• Define database security
• List types of information assets and their values
• Describe security methods

• Database security is the degree to which all data is fully protected from tampering or unauthorized acts. However, this definition is not entirely complete.
• To fully understand the definition, you need to take a quick tour of various information systems and information security concepts.

• Wise decisions are not made without accurate and timely information.
• At the same time, the integrity of that information depends on the integrity of its source data and the reliable processing of that data.
• Data is processed or transformed by a collection of components working together to produce and generate accurate information. These components are known as an information system.
• Categorized based on usage: low-level, mid-level and high-level

• Lower-level management uses information systems that assist management and employees with operational tasks, such as inventory systems or point-of-sale (POS) systems.
• Middle-level management uses systems that deal with midterm goals, such as a forecasting system that projects sales for the following quarter.
• Upper-level management works with systems that assist with long-term goals, such as business model simulation and reasoning.

• Information system components include:
  ◦ Data: Collected data and facts used as input for system processing, and data stored in the database for future reference or processing
  ◦ Procedures: Includes manual procedures, guidelines, business rules, and policies implemented in the system or used as part of the system
  ◦ Hardware: Computer systems and devices such as disks, chips, faxes, scanners, and printers
  ◦ Software: Application code, languages used to develop code, database management system, operating system used, and any other utilities or tools
  ◦ Network: A communication infrastructure to connect client processes to the system
  ◦ People: Users, managers, business analysts, programmers, system analysts, database administrators, and system administrators

• Client/server architecture:
  ◦ Based on the business model
  ◦ Can be implemented as one-tier; two-tier; n-tier
  ◦ Composed of three layers
• Tier: physical or logical platform
• Database management system (DBMS): collection of programs that manage a database

• As the database is an integral part of an information system, the need for reliable and efficient programs to manage the database becomes essential to the success of the information system
• DBMS functionalities:
  ◦ Organize data
  ◦ Store and retrieve data efficiently
  ◦ Manipulate data (update and delete)
  ◦ Enforce referential integrity and consistency
  ◦ Enforce and implement data security policies and procedures
  ◦ Back up, recover, and restore data

• DBMS environment components include:
  ◦ Data
  ◦ Hardware
  ◦ Software
  ◦ Networks
  ◦ Procedures
  ◦ Database servers

• Information is one of an organization's most valuable assets
• Information security: consists of procedures and measures taken to protect information systems components
• C.I.A. triangle: confidentiality, integrity, availability
• Security policies must be balanced according to the C.I.A. triangle

• Addresses two aspects of security:
  ◦ The first aspect is the prevention of unauthorized individuals from knowing or accessing secret information.
  ◦ The second aspect is the process of safeguarding confidential information and disclosing secret information only to authorized individuals by means of classifying information.
• Company information is classified into levels:
  ◦ Each level has its own security measures
  ◦ Usually based on degree of confidentiality necessary to protect information

• For information integrity to exist, the data upon which it is based must be consistent and accurate throughout the system.
• Information has integrity if:
  ◦ It is accurate
  ◦ It has not been tampered with
• Read consistency: each user sees only his changes and those committed by other users

Data anomalies

• Systems must be always available to authorized users
• The system determines what a user can do with the information

• Reasons for a system to become unavailable:
  ◦ External attacks and lack of system protection
  ◦ System failure with no disaster recovery strategy
  ◦ Overly stringent and obscure security policies
  ◦ Bad implementation of authentication processes

• Protects data and information produced from the data
• Model for protecting logical and physical assets

• The architecture's components range from physical equipment to logical security tools and utilities
• Components include:
  ◦ Policies and procedures
  ◦ Security personnel and administrators
  ◦ Detection equipment
  ◦ Security programs
  ◦ Monitoring equipment
  ◦ Monitoring applications
  ◦ Auditing procedures and tools

• Security measures
  ◦ Keep information private from outside viewing
  ◦ Maintain consistency of data
  ◦ Ensure resources remain at a high degree of availability
• Key to achieving effective data security architecture
  ◦ Organization must maintain confidentiality, integrity, and availability of its environment

• For a system to provide confidentiality, it needs to do two things:
  ◦ Ensure that information maintains its privacy by limiting authorized access to resources
  ◦ Block unauthorized access to resources
• The confidentiality of resources on a database system is protected through the use of authentication and access controls.
• For example, an administrator can use a person's login information to restrict that person's access within a database or a database environment and therefore maintain confidentiality.
• Confidentiality requirements
  ◦ Ensure information remains private by limiting authorized access to resources
  ◦ Block unauthorized access to resources
• Confidentiality protected using authentication and access controls
  ◦ State and federal laws may apply to these measures
• Breaches in confidentiality could result in:
  ◦ Stolen identity
  ◦ Exposed business trade secrets

• Integrity within a database refers to the reliability, accuracy, and consistency of the data stored within and retrieved from the database.
• A database's integrity is protected by preventing both unauthorized and authorized modifications, whether accidental or deliberate, that might cause the database storage or retrieval to be unreliable and inconsistent.

• Integrity
  ◦ Reliable, accurate, and consistent data stored in and retrieved from the database
  ◦ Protected by preventing accidental or deliberate modifications
  ◦ Most difficult item to measure
• Auditing used to compare data with older, backed-up versions of the data
• Results of integrity breaches
  ◦ Unreliable data, flawed programs, system failures

• Availability
  ◦ Maintaining accessible network or database resources
  ◦ Business cannot operate without it
• Must identify potential threats to availability
  ◦ Assess threat level
  ◦ Plan appropriate intervention
  ◦ Example of threats: technical failures, natural disasters, intrusions, user-caused harm

• Database security
  ◦ Set of established procedures, standards, policies, and tools
  ◦ Protects against theft, misuse, and attacks
  ◦ Deals with permission and access to the data structure
• Common vendor features for database security
  ◦ Database-level access control
  ◦ Database-level authentication
  ◦ Data storage encryption

• Enforce security at all database levels
• Security access point: place where database security must be protected and applied
• Data requires highest level of protection; data access point must be small

all the major access points within a database environment where security measures must be implemented and audited.

• People: individuals who have been granted privileges and permissions to access applications, networks, servers, databases, data files and data.
• Applications: application design and implementation, which includes privileges and permissions granted to people. Be cautious, because overly loose permissions result in data access violations, and overly strict permissions compromise availability.
• Network is the most sensitive security access point. Use best effort to protect the network.

• Operating system: the authentication to the system and the gateway to the data.
• DBMS: logical structure of the database, including memory, executables, and other binaries.
• Data files: to be protected through the use of permissions and encryption.
• Data: need to enforce data integrity, and necessary privileges.

• Reducing access point size reduces security risks
• Security gaps: points at which security is missing
• Vulnerabilities: kinks in the system that can become threats
• Threat: security risk that can become a system breach

• Relational database: collection of related data files
• Data file: collection of related tables
• Table: collection of related rows (records)
• Row: collection of related columns (fields)

The structure of the database is organized in levels, and each level can be protected by a different security mechanism.

• For instance, a column can be protected by using a VIEW database object.
• The data provided by the view object is protected by the database system functionality that allows schema owners to grant or revoke privileges.
• The data files are protected by the database and that protection is enforced by operating system file permissions.
• Finally, the database is secured by the database management system through the use of user accounts and password mechanisms as well as by the privileges and permissions of the main database functions: database shutdown, creating user accounts, and database backup and recovery, to name a few.

[Figure labels: by database management system through user accounts and password; through file permission; schema owners/security administrator grant or revoke privileges]

• Security vulnerability: a weakness in any information system component

Categories of security vulnerabilities:

Category: Installation and configuration
  Description: This type of vulnerability results from using a default installation and configuration that is known publicly and usually does not enforce any security measure. Improper configuration or installation may result in security risk.
  Examples:
  ◦ Incorrect application configuration that may result in application malfunction
  ◦ Failure to change default passwords
  ◦ Failure to change default permissions and privileges

Category: User mistakes
  Description: These refer to carelessness in implementing procedures, failure to follow through, or accidental errors.
  Examples:
  ◦ Lack of auditing controls
  ◦ Untested disaster recovery plan
  ◦ Lack of activity monitoring
  ◦ Lack of protection against malicious code
  ◦ Lack of applying patches as they are released

Category: Software
  Description: Refers to vulnerabilities found in commercial software for all types of programs
  Examples:
  ◦ Software patches are not applied
  ◦ Software contains bugs
  ◦ System administrators do not keep track of patches

Category: Design and implementation
  Description: Refers to improper software analysis and design as well as coding problems and deficiencies.
  Examples:
  ◦ System design errors
  ◦ Not developing of exception handlers
  ◦ Input data is validated

• Security threat: a security violation or attack that can happen any time because of a security vulnerability.

• Security risk: a known security gap left open.

• People always tend to protect assets regardless of what they are.
• The degree of protection we provide is directly based on how much we value the assets. Assets are the infrastructure of the company operation.
• Depending on the type of asset and how much the company values it, the company builds security policies and procedures and executes actions to protect these assets.

• Types of assets include:
  ◦ Physical: tangible assets including buildings, cars, hardware, …
  ◦ Logical: such as business applications, in-house programs, purchased software, databases, …
  ◦ Intangible: business reputation, public confidence, …
  ◦ Human: human skills, knowledge, expertise, …

The following figure shows the security process that consists of phases similar to those of most software engineering methodologies, except the focus in each phase is security.

• Identification: investigate resources required and policies to be adopted
• Assessment: analysis of vulnerabilities, threats, and risks
• Design: results in a blueprint of the adopted security model that is used to enforce security
• Implementation: code is developed or tools are purchased to implement.
• Evaluation: test your system against typical software attacks, hardware failures, natural disasters, and human errors.
• Auditing: security audits should be performed periodically.

• Security: level and degree of being free from danger and threats
• Database security: degree to which data is fully protected from unauthorized tampering
• Information systems: backbone of day-to-day company operations

• DBMS: programs to manage a database
• C.I.A. triangle:
  ◦ Confidentiality
  ◦ Integrity
  ◦ Availability
• Secure access points
• Security vulnerabilities, threats and risks
• Information security architecture
  ◦ Model for protecting logical and physical assets
  ◦ Company's implementation of a C.I.A. triangle
• Enforce security at all levels of the database

• Data is processed or transformed by a collection of components working together to produce and generate accurate information. These components are known as a(n) _____.
  ◦ information system
  ◦ database
  ◦ DBA
  ◦ operating system
• The concept behind a(n) _____ application is based on the business model of a customer ordering a service or product and the representative of a business granting that request.
  ◦ information system
  ◦ C.I.A. triangle
  ◦ DBMS
  ◦ client/server
• _____ is a model for protecting logical and physical assets.

• A _____ is a place where database security must be protected and applied.
  ◦ Security gap
  ◦ Security access point
  ◦ Security threat
  ◦ Security vulnerability
• A _____ is a security violation or attack that can happen any time because of a security vulnerability.
  ◦ Security risk
  ◦ Security privilege
  ◦ Security policy
  ◦ Security threat
• _____ is a collection of security policies and procedures, data constraints, security methods, and security tools blended together to implement all necessary measures to secure the integrity, accessibility, and confidentiality of every component of the database environment.
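
The database-levels material above says a column can be protected with a VIEW and that schema owners grant or revoke privileges on it. The following is an added example, not taken from the book or the slides, showing that arrangement and how to check it. It assumes PostgreSQL syntax; the table, view and role names (employees, employee_directory, hr_clerk) and the sample rows are hypothetical.

```sql
-- Added example. PostgreSQL syntax assumed; all object names are hypothetical.

-- Base table holding a sensitive column (salary).
CREATE TABLE employees (
    emp_id     integer       PRIMARY KEY,
    full_name  text          NOT NULL,
    department text          NOT NULL,
    salary     numeric(10,2) NOT NULL    -- the column to keep hidden
);

-- Constructed sample rows.
INSERT INTO employees (emp_id, full_name, department, salary) VALUES
    (1, 'A. Example', 'Sales',   52000.00),
    (2, 'B. Example', 'Finance', 61000.00);

-- Column-level protection: the view exposes every column except salary.
CREATE VIEW employee_directory AS
    SELECT emp_id, full_name, department
    FROM employees;

-- A low-privilege role used only for directory lookups.
CREATE ROLE hr_clerk NOLOGIN;

-- The schema owner removes any direct access to the base table...
REVOKE ALL ON employees FROM PUBLIC;
REVOKE ALL ON employees FROM hr_clerk;

-- ...and grants read access on the view only.
GRANT SELECT ON employee_directory TO hr_clerk;

-- Check: the role should hold SELECT on the view and not on the base table.
SELECT has_table_privilege('hr_clerk', 'employee_directory', 'SELECT') AS can_read_view,
       has_table_privilege('hr_clerk', 'employees',          'SELECT') AS can_read_base;

-- Audit: list every explicit grant on both objects, so a later stray
-- GRANT on the base table shows up in a periodic review.
SELECT grantee, table_name, privilege_type
FROM information_schema.table_privileges
WHERE table_name IN ('employees', 'employee_directory')
ORDER BY table_name, grantee, privilege_type;
```

The audit query is the part that ties back to the auditing phase of the security process: the view only protects the column as long as nobody is later granted privileges on the base table itself.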