Download chap16

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts

Extensible Storage Engine wikipedia , lookup

Concurrency control wikipedia , lookup

Functional Database Model wikipedia , lookup

Database wikipedia , lookup

Microsoft Jet Database Engine wikipedia , lookup

Relational model wikipedia , lookup

Clusterpoint wikipedia , lookup

Database model wikipedia , lookup

ContactPoint wikipedia , lookup

Transcript
Chapter 16
Security
Chapter 16 - Objectives
 The
scope of database security.
 Why database security is a serious concern
for an organization.
 The type of threats that can affect a database
system.
 How to protect a computer system using
computer-based controls.
 How to protect a computer system using
non-computer-based controls.
 The purpose and main stages of risk
analysis.
 The purpose of data protection and privacy
laws.
2
Database Security
 Data
is a valuable resource that must be
strictly controlled and managed, as with any
corporate resource.
 Part or all of the corporate data may have
strategic importance and therefore needs to
be kept secure and confidential.
 Protection of the database against
intentional or unintentional threats using
computer-based or non-computer-based
controls.
 Security considerations do not only apply to
the data held in a database. Breaches of
security may affect other parts of the
system, which may in turn affect the
database.
4
Database Security
Involves measures to avoid:
 Theft and fraud
 Loss of confidentiality (secrecy)
 Loss of privacy
 Loss of integrity
 Loss of availability
 Threat
–
Any situation or event, whether
intentional or unintentional, that
will adversely affect a system and
consequently an organization.
6
Examples of Threats
8
Summary of Threats to Computer
Systems
9
Typical Multi-user Computer
Environment
10
Countermeasures – Computer-Based
Controls
 Authorization
 Views
 Backup
and recovery
 Integrity
 Encryption
 Associated procedures
11
Countermeasures – Computer-Based
Controls



Authorization
– The granting of a right or privilege, which
enables a subject to legitimately have access to a
system or a system’s object.
Authentication
– A mechanism that determines whether a user is,
who he or she claims to be.
View
– Is the dynamic result of one or more relational
operations operating on the base relations to
produce another relation.
A view is a virtual relation that does not actually
exist in the database, but is produced upon
request by a particular user, at the time of
request.
12
Countermeasures – Computer-Based
Controls
 Backup
–
Process of periodically taking a copy of the
database and log file (and possibly programs)
to offline storage media.
 Journaling
–
Process of keeping and maintaining a log file
(or journal) of all changes made to database to
enable effective recovery in event of failure.
 Checkpointing
–
Point of synchronization between the database
and the transaction log file. All buffers are
force-written to secondary storage.
 Integrity
–
Prevents data from becoming invalid, hence
giving misleading or incorrect results.
14
Countermeasures – Computer-Based
Controls
 Encryption
–
The encoding of the data by a special
algorithm that renders the data
unreadable by any program without the
decryption key.
 Associated
Procedures
 Authorization and Authentication
 Backup
 Recovery
 Audit
 Installation of new application software
 Installation/upgrading of system software
16
Countermeasures – Non-ComputerBased Controls
 Concerned
with matters such as policies,
agreements, and other administrative
controls and includes:
– Security policy and contingency plan
– Personnel controls
– Secure positioning of equipment
– Escrow agreements
– Maintenance agreements
– Physical access controls
18
Authentication - User and Group Identifiers
Authentication – Access Control Matrix
19
Security Policy Coverage
 The
area of the business it covers.
 Responsibilities
and obligations of
employees.
 The
disciplinary action that will result
from breaches of the policy.
 Procedures
that must be followed.
21
Contingency Plan Coverage
 Key
personnel and how to contact.
 Who
decides contingency exists.
 Technical
requirements of transferring
operations to other site(s).
 Operational
requirements of transferring
operations to other site(s).
 Any
important external contacts.
 Whether
insurance exists to cover
situation.
22
Escrow Agreement
 Legal
contract concerning software,
made between developers and clients,
whereby a third party holds the source
code for the client’s applications.
 Client
can acquire source code if
developer goes out of business, and
ensures that the client is not left with
non-maintainable systems.
 Often
overlooked and under-managed.
23
Escrow Agreement Issues
 Type
of contents deposited.
 Update
process and the timing.
 Details
of any third party software used.
 Whether
verification of the deposit is
required.
 Conditions
governing the release of the
deposit.
 Details
of the release process.
24
PC Security
 Moved
easily and normally located on
employees’ desks - often no access
controls other than those that apply to
the building or area.
 Security
–
–
–
–
includes
Use of keyboard lock.
Use of user identifier and/or password.
Procedures to control access to floppy
discs.
Procedures to reduce risk of virus
infection.
25
Database and Web Security Measures
 Proxy
servers
 Firewalls
 Digital
signatures
 Message
digest algorithms and digital
signatures
 Digital
certificates
 Kerberos
 Secure
sockets layer (SSL) and Secure
HTTP (SHTTP)
26
Security in Statistical Databases
 Typically
used to generate statistical
information on various populations of
data.
 Details
of individual records should
remain confidential and not be accessible.
 Main
problem is how to assess whether
answers to legal queries can be used to
infer the answer to illegal queries.
27
Security Strategies in Statistical
Databases
 Preventing
queries on only few entries.
 Randomly
adding entries to query result
set to produce an error but approximates
to the true response.
 Using
only a random sample to answer
query.
 Maintaining
query profile and rejecting
queries that use a high number of records
identical to those used in previous
queries.
28
Stages of Risk Analysis
 Establish
a security team.
 Define
scope of analysis and obtain
system details.
 Identify
all existing countermeasures.
 Identify
and evaluate all assets.
 Identify
and assess all threats and risks.
 Select
countermeasures, undertake a
cost/benefit analysis, compare with
existing countermeasures.
 Make
 Test
recommendations.
security system.
29
Data Protection and Privacy Laws
 Concerns
personal data and rights of
individuals with respect to their personal
data.
 Legislation attempts to protect individuals
from abuse, and to enable organizations
(both public and private) to carry out their
lawful activities or duties.
 Privacy
– Right of an individual not to have
personal information collected, stored,
and disclosed either will fully or
indiscriminately.
 Data protection
– Protection of personal data from
unlawful acquisition, storage, and
disclosure, and provision of the
safeguards to avoid the destruction or
corruption of legitimate data
30