Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword or section
Like this
26Activity

Table Of Contents

0 of .
Results for:
No results containing your search query
P. 1
Database Secruity

Database Secruity

Ratings: (0)|Views: 806 |Likes:
Published by Utkarsh Sethi

More info:

Published by: Utkarsh Sethi on Feb 24, 2010
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

11/23/2012

pdf

text

original

 
 
UNCLASSIFIED
DATABASESECURITY TECHNICAL IMPLEMENTATION GUIDE
 
Version 7, Release 129 OCTOBER 2004Developed by DISA for the DOD
 
 
Database STIG, V7R1 DISA Field Security Operations29 October 2004 Developed by DISA for the DOD
UNCLASSIFIED
ii
This page is intentionally left blank.
 
 
Database STIG, V7R1 DISA Field Security Operations29 October 2004 Developed by DISA for the DOD
UNCLASSIFIED
iii
TABLE OF CONTENTSPage
SUMMARY OF CHANGES.........................................................................................................xv1 INTRODUCTION.....................................................................................................................11.1 Background.....................................................................................................................11.2 Authority.........................................................................................................................11.3 Scope...............................................................................................................................21.4 Writing Conventions.......................................................................................................21.5 Vulnerability Severity Code Definitions.........................................................................31.6 DISA Information Assurance Vulnerability Management (IAVM)...............................31.7 STIG Distribution............................................................................................................31.8 Document Revisions........................................................................................................32 INTEGRITY..............................................................................................................................52.1 Software Integrity............................................................................................................52.1.1 Current DBMS Version........................................................................................52.1.2 DBMS Software/Object Modification..................................................................62.1.3 Unused Database Software/Components..............................................................72.2 Database Software Development....................................................................................72.2.1 Shared Production/Development Systems STIG Impacts.................................82.3 Ad Hoc Queries...............................................................................................................92.4 Multiple Services Host Systems......................................................................................92.5 Data Integrity...................................................................................................................92.5.1 Database File Integrity........................................................................................102.5.2 Database Software Baseline................................................................................102.5.3 Database File Backup and Recovery..................................................................113 DISCRETIONARY ACCESS CONTROL.............................................................................133.1 Database Account Controls...........................................................................................133.2 Authentication...............................................................................................................143.2.1 Password Guidelines...........................................................................................143.2.2 Certificate Guidelines.........................................................................................163.3 Database Accounts........................................................................................................163.3.1 Administrative Database Accounts.....................................................................163.3.2 Application Object Ownership/Schema Account...............................................163.3.3 Default Application Accounts.............................................................................173.3.4 Application Non-interactive/Automated Processing Accounts..........................173.3.5 N-Tier Application Connection Accounts..........................................................183.3.6 Application User Database Accounts.................................................................193.4 Database Authorizations................................................................................................193.4.1 Database Object Access......................................................................................193.4.2 Database Roles....................................................................................................203.4.2.1 Application Developer Roles.....................................................................21

Activity (26)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
António Ornelas liked this
Mike Yeap liked this
akbisoi1 liked this
zkizzy liked this
syriluit liked this
syriluit liked this
voxuyendaoday liked this

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->