Download Security Architecture - Doctor

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
Document related concepts

Relational model wikipedia , lookup

Database wikipedia , lookup

Clusterpoint wikipedia , lookup

Database model wikipedia , lookup

Object-relational impedance mismatch wikipedia , lookup

Transcript 
Security Architecture
Dr. Gabriel
Security
• Database security:
– degree to which data is fully protected from
tampering or unauthorized acts
– Full understanding requires viewing it within
information systems/information security
environment
Information Systems
• Success of companies
– By wise decisions of management
• Accurate and timely information
• Information integrity
• Information system:
– comprised of components working together to
produce and generate accurate information
– Categorized based on usage
Information Systems (continued)
Information Systems (continued)
Information Systems (continued)
Information Systems Components
Information Systems (continued)
• Client/server architecture:
– Based on the business model
– Can be implemented as one-tier; two-tier; n-tier
– Composed of three layers
• Tier: physical or logical platform
• Database management system (DBMS):
collection of programs that manage database
Information Systems (continued)
Database Management
• Essential to success of information system
• DBMS functionalities:
–
–
–
–
–
Organize data
Store and retrieve data efficiently
Manipulate data (update and delete)
Enforce referential integrity and consistency
Enforce and implement data security policies
and procedures
– Back up, recover, and restore data
Database Management (continued)
• DBMS components include:
–
–
–
–
–
–
Data
Hardware
Software
Networks
Procedures
Database servers
Database Management (continued)
Information Security
• Information is one of an organization’s most
valuable assets
• Information security:
– consists of procedures and measures taken to
protect information systems components
– Based on C.I.A. triangle:
• confidentiality, integrity, availability
• Cannot achieve 100% security while leaving
systems operational
• Security policies must be balanced according to
the C.I.A. triangle
Information Security (continued)
Confidentiality
• Addresses two aspects of security:
– Prevention of unauthorized access
– Information disclosure based on classification
• Classify company information into levels:
– Each level has its own security measures
– Usually based on degree of confidentiality
necessary to protect information
Confidentiality (continued)
Integrity
• Consistent and valid data, processed correctly,
yields accurate information
• Information has integrity if:
– It is accurate
– It has not been tampered with
• Read consistency: each user sees only his
changes and those committed by other users
Integrity (continued)
Integrity (continued)
Availability
• A system must be always available to
authorized users based on the system’s uptime
requirements
• Systems determines what a user can do with
the information
b
Availability (continued)
• Reasons for a system to become unavailable:
– External attacks and lack of system protection
– System failure with no/poor disaster recovery
strategy
– Overly stringent and obscure security policies
– Bad implementation of authentication processes
Information Security Architecture
• Protects data and information produced from
the data
• Model for protecting logical and physical assets
• Is the overall design of a company’s
implementation of C.I.A. triangle
Information Security Architecture
(continued)
Information Security Architecture
(continued)
• Components include:
–
–
–
–
–
–
–
Policies and procedures
Security personnel and administrators
Detection equipments
Security programs
Monitoring equipment
Monitoring applications
Auditing procedures and tools
Database Security
• Enforce security at all database levels
• Security access point: place where database
security must be protected and applied
• Data requires highest level of protection; data
access point must be small
Database Security (continued)
Database Security (continued)
• Reducing access point size reduces security
risks
• Security gaps: points at which security is
missing
• Vulnerabilities: kinks in the system that can
become threats
• Threat: security risk that can become a system
breach
Database Security (continued)
Database Security (continued)
Database Security Levels
• Relational database: collection of related
data files
• Data file: collection of related tables
• Table: collection of related rows (records)
• Row: collection of related columns (fields)
Database Security Levels (continued)
Menaces to Databases
• Security vulnerability: a weakness in any
information system component
Menaces to Databases (continued)
Menaces to Databases (continued)
• Security threat: a security violation or attack
that can happen any time because of a security
vulnerability
Menaces to Databases (continued)
Menaces to Databases (continued)
• Security risk: a known security gap intentionally
left open
Menaces to Databases (continued)
Factors for Rating Vulnerabilities, Threats,
and Risks
Asset Types and Their Value
• Security measures are based on the value of
each asset
• Types of assets include:
–
–
–
–
Physical
Logical
Intangible
Human
Security Methods
Security Methods (continued)
Database Security Methodology
DB security definition
• Collection of security policies and procedures,
data constraints, security methods, and security
tools blended together to implement all
necessary measures to secure the integrity,
accessibility, and confidentiality of every
component of the database environment
Questions ?
Related documents
Database Management Systems - University of Hawaii at Hilo
Database Management Systems - University of Hawaii at Hilo
Database Security
Database Security
Diapositive 1
Diapositive 1
Introduction - Rose
Introduction - Rose
database management system
database management system
Database Design for the Web
Database Design for the Web
Text 13 Database Management Systems
Text 13 Database Management Systems
ITE252 Slide 1 - Nassau Community College
ITE252 Slide 1 - Nassau Community College
Slide 1
Slide 1
Database Management System Module Title: CAP 364 Module ID
Database Management System Module Title: CAP 364 Module ID
Direct Marketing
Direct Marketing
Learn about databases here
Learn about databases here