Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Database Security Carl J. Hoppe 20 November 2013 Outline • What is Database Security? • The Key Points of Database Security. • Steps to Protect a Database. • Threats to a Database. • My Experiences with Database Security. What is Database Security? • The use of a broad range of information security controls to protect databases against compromises of their confidentiality, integrity and availability. • Database security is a specialist topic within the broader realms of computer security, information security and risk management. Key Points of Database Security • Database security is based upon many types of Information Security. • Access Control • Auditing • Authentication • Encryption • Backups • Integrity Controls • Application Security Steps to Protect a Database Steps to Protect a Database(cont.) • Plan • Establish standards and policies to guide the rest of the process. • Discover and Assess • Enumerate the databases, determine what applications use them, what data they contain, and who owns the system and data. Steps to Protect a Database(cont.) • Secure • Based on the results of the assessments, update and secure the databases. Lock down access channels and look for any entitlement issues. • Monitor • Database activity monitoring and database auditing • Database Management Systems (DBMS) Steps to Protect a Database(cont.) • Protect • Apply preventative controls to protect the data as users and systems interact with it. • Manage • Management of ongoing systems and application management; configuration management, patch management, and change management. • Database Management Systems (DBMS) Threats to a Database • Data corruption • Design flaws and programming bugs • Performance constraints and capacity issues • Malware • Unauthorized access My Experiences with Database Security • Data Center Building Access • Key card requirements • Database Management Systems (DBMS) • Managing the capacity • Managing the sensors Conclusion • What is Database Security? • The Key Points of Database Security. • Steps to Protect a Database. • Threats to a Database. • My Experiences with Database Security. References • https://securosis.com/projectquant/project-quant-databasesecurity-process-framework/ • http://en.wikipedia.org/wiki/Database_security