Transcript chap16
Chapter 16
Security
Chapter 16 - Objectives
The scope of database security.
Why database security is a serious concern for an organization.
The types of threats that can affect a database system.
How to protect a computer system using computer-based controls.
How to protect a computer system using non-computer-based controls.
The purpose and main stages of risk analysis.
The purpose of data protection and privacy laws.
Database Security
Data is a valuable resource that must be strictly controlled and managed, as with any corporate resource.
Part or all of the corporate data may have strategic importance and therefore needs to be kept secure and confidential.
Database security is the protection of the database against intentional or unintentional threats using computer-based or non-computer-based controls.
Security considerations do not only apply to the data held in a database. Breaches of security may affect other parts of the system, which may in turn affect the database.
Database Security
Involves measures to avoid:
– Theft and fraud
– Loss of confidentiality (secrecy)
– Loss of privacy
– Loss of integrity
– Loss of availability
Threat
– Any situation or event, whether intentional or unintentional, that will adversely affect a system and consequently an organization.
Examples of Threats
Summary of Threats to Computer Systems
Typical Multi-user Computer Environment
Countermeasures – Computer-Based Controls
Authorization
Views
Backup and recovery
Integrity
Encryption
Associated procedures
Countermeasures – Computer-Based Controls
Authorization
– The granting of a right or privilege, which enables a subject to legitimately have access to a system or a system’s object.
Authentication
– A mechanism that determines whether a user is who he or she claims to be.
View
– The dynamic result of one or more relational operations operating on the base relations to produce another relation.
– A view is a virtual relation that does not actually exist in the database, but is produced upon request by a particular user, at the time of request.
Countermeasures – Computer-Based Controls
Backup
– Process of periodically taking a copy of the database and log file (and possibly programs) to offline storage media.
Journaling
– Process of keeping and maintaining a log file (or journal) of all changes made to the database to enable effective recovery in the event of failure.
Checkpointing
– Point of synchronization between the database and the transaction log file. All buffers are force-written to secondary storage.
Integrity
– Prevents data from becoming invalid, hence giving misleading or incorrect results.
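The journal, checkpoint and recovery mechanism described above, as an added example that is not part of the chapter's own material: a toy store keeps a write-ahead journal of before/after images, a checkpoint forces buffers to "disk" and notes the active transactions, and after a crash the journal is used to redo committed work and undo the partial writes of transactions that were still in flight. The store, transaction names (T1, T2, T3) and values are constructed for illustration.

```python
# Added example (not the chapter's own code): a write-ahead journal with
# checkpoints, and the recovery that the journal makes possible after a crash.
# The store, transaction names and values are constructed for illustration.

class JournaledStore:
    def __init__(self):
        self.data = {}       # pages on secondary storage
        self.buffer = {}     # dirty pages still in volatile memory
        self.journal = []    # log records; every update is logged before it is buffered
        self.active = set()  # transactions that have begun but not committed

    def begin(self, txn):
        self.active.add(txn)
        self.journal.append({"type": "begin", "txn": txn})

    def write(self, txn, key, value):
        before = self.buffer.get(key, self.data.get(key))
        # Write-ahead rule: before/after images reach the log before the page changes.
        self.journal.append({"type": "update", "txn": txn, "key": key,
                             "old": before, "new": value})
        self.buffer[key] = value

    def commit(self, txn):
        self.journal.append({"type": "commit", "txn": txn})
        self.active.discard(txn)

    def checkpoint(self):
        # Synchronization point: force all buffers to secondary storage and
        # record which transactions were still active at that moment.
        self.data.update(self.buffer)
        self.buffer.clear()
        self.journal.append({"type": "checkpoint", "active": sorted(self.active)})

    def crash(self):
        # Volatile state is lost; self.data and self.journal survive.
        self.buffer.clear()
        self.active.clear()


def recover(data, journal):
    """Rebuild a consistent database from what survived the crash.

    Redo every post-checkpoint update of a transaction that committed, and
    undo (restore the before-image of) every update of a transaction that was
    still active at the crash. The undo scans the whole log, not just the part
    after the checkpoint, because the checkpoint may have forced a loser's
    partial writes to disk.
    """
    cps = [i for i, rec in enumerate(journal) if rec["type"] == "checkpoint"]
    last_cp = cps[-1] if cps else -1
    active = set(journal[last_cp]["active"]) if cps else set()
    tail = journal[last_cp + 1:]
    active |= {rec["txn"] for rec in tail if rec["type"] == "begin"}
    committed = {rec["txn"] for rec in tail if rec["type"] == "commit"}
    losers = active - committed
    for rec in tail:                                   # redo winners, forwards
        if rec["type"] == "update" and rec["txn"] in committed:
            data[rec["key"]] = rec["new"]
    for rec in reversed(journal):                      # undo losers, backwards
        if rec["type"] == "update" and rec["txn"] in losers:
            if rec["old"] is None:
                data.pop(rec["key"], None)
            else:
                data[rec["key"]] = rec["old"]
    return data


def crash_scenario():
    """T1 commits; T2 is caught mid-flight by a checkpoint and then a crash;
    T3 commits after the checkpoint but only into the buffer.
    Returns (state on disk right after the crash, state after recovery)."""
    s = JournaledStore()
    s.begin("T1"); s.write("T1", "a", 1); s.write("T1", "b", 2); s.commit("T1")
    s.begin("T2"); s.write("T2", "a", 99)                  # uncommitted change...
    s.checkpoint()                                         # ...forced to disk here
    s.begin("T3"); s.write("T3", "c", 3); s.commit("T3")   # committed, still buffered
    s.write("T2", "b", 100)
    s.crash()
    on_disk = dict(s.data)
    return on_disk, recover(dict(s.data), s.journal)


if __name__ == "__main__":
    before, after = crash_scenario()
    print("on disk after crash:", before)   # {'a': 99, 'b': 2}: T2's dirty page, T3 lost
    print("after recovery:     ", after)    # {'a': 1, 'b': 2, 'c': 3}
```

Without the journal the disk would be left holding T2's half-done update and nothing of T3; the log's before-images make the undo possible and its after-images make the redo possible, which is exactly why backups must include the log file and not only the database.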
Countermeasures – Computer-Based Controls
Encryption
– The encoding of the data by a special algorithm that renders the data unreadable by any program without the decryption key.
Associated Procedures
– Authorization and Authentication
– Backup
– Recovery
– Audit
– Installation of new application software
– Installation/upgrading of system software
Countermeasures – Non-Computer-Based Controls
Concerned with matters such as policies, agreements, and other administrative controls and includes:
– Security policy and contingency plan
– Personnel controls
– Secure positioning of equipment
– Escrow agreements
– Maintenance agreements
– Physical access controls
Authentication – User and Group Identifiers
Authentication – Access Control Matrix
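The three ideas from the computer-based controls slides (authorization as a granted privilege, a view as a virtual relation produced on request, and the access control matrix of subjects against objects) combined in one added example that is not the chapter's own code. A view hides the salary column and the staff of other branches; a small role-by-object matrix says who may read or write what; SQLite's authorizer callback enforces it at statement preparation time. The schema, rows, role names and privilege sets are constructed assumptions.

```python
# Added example (not the chapter's own code): a view that hides a column and a
# row subset, enforced by an authorization check that consults a small access
# control matrix. Schema, rows, roles and privilege sets are constructed
# assumptions; the enforcement hook is SQLite's authorizer callback.
import sqlite3

SCHEMA = """
CREATE TABLE staff (
    staff_no TEXT PRIMARY KEY,
    name     TEXT NOT NULL,
    branch   TEXT NOT NULL,
    salary   INTEGER NOT NULL
);
INSERT INTO staff VALUES ('SL21', 'John White', 'B005', 30000);
INSERT INTO staff VALUES ('SG37', 'Ann Beech',  'B003', 12000);
INSERT INTO staff VALUES ('SG14', 'David Ford', 'B003', 18000);
-- Virtual relation: branch B003 staff without the salary column.
CREATE VIEW staff_b003 AS
    SELECT staff_no, name, branch FROM staff WHERE branch = 'B003';
"""

# Access control matrix, subjects (roles) x objects: what each role may read / write.
READ_PRIVS  = {"manager": {"staff", "staff_b003"}, "clerk": {"staff_b003"}}
WRITE_PRIVS = {"manager": {"staff"},               "clerk": set()}


def make_authorizer(role):
    can_read, can_write = READ_PRIVS[role], WRITE_PRIVS[role]

    def authorizer(action, arg1, arg2, db_name, source):
        # For reads, arg1 is the table or view and arg2 the column. `source` is
        # the view (or trigger) on whose behalf the access happens, or None when
        # the statement touches the object directly: a clerk reading `staff`
        # through `staff_b003` is allowed, reading `staff` itself is denied.
        if action == sqlite3.SQLITE_READ:
            ok = arg1 in can_read or source in can_read
            return sqlite3.SQLITE_OK if ok else sqlite3.SQLITE_DENY
        if action in (sqlite3.SQLITE_INSERT, sqlite3.SQLITE_UPDATE, sqlite3.SQLITE_DELETE):
            return sqlite3.SQLITE_OK if arg1 in can_write else sqlite3.SQLITE_DENY
        return sqlite3.SQLITE_OK  # statement start, built-in functions, etc.

    return authorizer


def query_as(role, sql):
    """Run `sql` with the privileges of `role`; return (rows, error_message)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)          # loaded before the authorizer is installed
    conn.set_authorizer(make_authorizer(role))
    try:
        return conn.execute(sql).fetchall(), None
    except sqlite3.Error as exc:        # a SQLITE_DENY surfaces as an error here
        return None, str(exc)
    finally:
        conn.close()


if __name__ == "__main__":
    print(query_as("clerk", "SELECT name, branch FROM staff_b003 ORDER BY name"))
    print(query_as("clerk", "SELECT name, salary FROM staff"))
    print(query_as("manager", "SELECT name, salary FROM staff ORDER BY salary"))
```

The view alone is not a security control: it only becomes one because the clerk has no privilege on the base relation. Returning SQLITE_IGNORE instead of SQLITE_DENY would silently substitute NULL for the protected column, which hides the denial from the user and from the audit trail; denying is the safer default.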
Security Policy Coverage
The area of the business it covers.
Responsibilities and obligations of employees.
The disciplinary action that will result from breaches of the policy.
Procedures that must be followed.
Contingency Plan Coverage
Key personnel and how to contact them.
Who decides that a contingency exists.
Technical requirements of transferring operations to other site(s).
Operational requirements of transferring operations to other site(s).
Any important external contacts.
Whether insurance exists to cover the situation.
Escrow Agreement
Legal contract concerning software, made between developers and clients, whereby a third party holds the source code for the client’s applications.
The client can acquire the source code if the developer goes out of business, which ensures that the client is not left with non-maintainable systems.
Often overlooked and under-managed.
Escrow Agreement Issues
Type of contents deposited.
Update process and the timing.
Details of any third-party software used.
Whether verification of the deposit is required.
Conditions governing the release of the deposit.
Details of the release process.
PC Security
Moved easily and normally located on employees’ desks; often no access controls other than those that apply to the building or area.
Security includes
– Use of keyboard lock.
– Use of user identifier and/or password.
– Procedures to control access to floppy discs.
– Procedures to reduce risk of virus infection.
Database and Web Security Measures
Proxy servers
Firewalls
Message digest algorithms and digital signatures
Digital certificates
Kerberos
Secure Sockets Layer (SSL) and Secure HTTP (S-HTTP)
Security in Statistical Databases
Typically used to generate statistical information on various populations of data.
Details of individual records should remain confidential and not be accessible.
The main problem is how to assess whether the answers to legal queries can be used to infer the answers to illegal queries.
Security Strategies in Statistical Databases
Preventing queries on only a few entries.
Randomly adding entries to the query result set, which introduces an error but approximates the true response.
Using only a random sample to answer a query.
Maintaining a query profile and rejecting queries that use a high number of records identical to those used in previous queries.
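The inference problem and two of the strategies above (the minimum result-set size and the query profile), as an added example that is not the chapter's own code. The statistical interface answers only SUM queries, yet a "tracker" pair of individually legal queries recovers one person's salary by subtraction; the overlap check on the query profile is what blocks it. The population, departments and salaries are constructed; the two thresholds are illustrative parameters.

```python
# Added example (not the chapter's own code): an aggregate-only query interface
# with two of the chapter's controls, and the tracker inference that the
# result-set-size control alone fails to stop. Population and salaries are
# constructed; min_size and max_overlap are illustrative thresholds.

# (id, dept, title, salary); the Ops director is the only row matching dept+title.
ROWS = [
    (1, "Ops", "Director", 95000),
    (2, "Ops", "Analyst", 41000),
    (3, "Ops", "Analyst", 43000),
    (4, "Ops", "Engineer", 52000),
    (5, "Ops", "Engineer", 50000),
    (6, "Sales", "Manager", 60000),
    (7, "Sales", "Rep", 35000),
    (8, "Sales", "Rep", 36000),
    (9, "Sales", "Rep", 34000),
    (10, "Sales", "Director", 90000),
]


class StatisticalDB:
    """Answers SUM queries only; never returns an individual row."""

    def __init__(self, rows, min_size=3, max_overlap=None):
        self.rows = rows
        self.min_size = min_size        # reject queries that match only a few entries
        self.max_overlap = max_overlap  # reject queries reusing too many records of an earlier one
        self.history = []               # record-id sets of answered queries (the query profile)

    def sum_salary(self, predicate):
        """Return (total, None), or (None, reason) when the query is refused."""
        ids = frozenset(r[0] for r in self.rows if predicate(r))
        n = len(self.rows)
        # A result set that is almost the whole table is as dangerous as a tiny
        # one: subtracting it from a query over everything isolates the rest.
        if len(ids) < self.min_size or len(ids) > n - self.min_size:
            return None, "rejected: too few (or too many) records match"
        if self.max_overlap is not None:
            for earlier in self.history:
                if len(ids & earlier) > self.max_overlap:
                    return None, "rejected: overlaps an earlier query too much"
        self.history.append(ids)
        return sum(r[3] for r in self.rows if r[0] in ids), None


def tracker_attack(db):
    """Infer the Ops director's salary from two individually legal queries.
    Returns the inferred salary, or None if the database refused a query."""
    ops, err1 = db.sum_salary(lambda r: r[1] == "Ops")
    ops_minus_target, err2 = db.sum_salary(
        lambda r: r[1] == "Ops" and r[2] != "Director")
    if err1 or err2:
        return None
    return ops - ops_minus_target   # the target's own salary


if __name__ == "__main__":
    naive = StatisticalDB(ROWS, min_size=3)
    # The direct query is refused (1 record), yet the pair of legal queries leaks it.
    print(naive.sum_salary(lambda r: r[1] == "Ops" and r[2] == "Director"))
    print(tracker_attack(naive))                                            # 95000
    print(tracker_attack(StatisticalDB(ROWS, min_size=3, max_overlap=2)))  # None
```

The overlap threshold has to be tuned against the legitimate workload, and a profile of answered queries grows without bound, which is why the other two strategies (random sampling and perturbing the answer) are often preferred in practice; they are not implemented here.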
Stages of Risk Analysis
Establish a security team.
Define scope of analysis and obtain system details.
Identify all existing countermeasures.
Identify and evaluate all assets.
Identify and assess all threats and risks.
Select countermeasures, undertake a cost/benefit analysis, compare with existing countermeasures.
Make recommendations.
Test security system.
Data Protection and Privacy Laws
Concerns personal data and the rights of individuals with respect to their personal data.
Legislation attempts to protect individuals from abuse, and to enable organizations (both public and private) to carry out their lawful activities or duties.
Privacy
– Right of an individual not to have personal information collected, stored, and disclosed either wilfully or indiscriminately.
Data protection
– Protection of personal data from unlawful acquisition, storage, and disclosure, and provision of the safeguards to avoid the destruction or corruption of legitimate data.