CHAPTER 4 Security Part II: Auditing Database Systems
With access
The term database is used in a broad context to
include two general approaches: the flat-file model and
the database model
DATA MANAGEMENT APPROACHES
Flat-File Approach - Flat files are data files that contain
records with no structured relationships to other files.
The flat-file approach is most often associated with so-
called legacy systems.
The flat-file environment promotes a single-user view
approach to data management whereby end users own
their data files rather than share them with other users
Data redundancy- replication of essentially the same
data in multiple files. It contributes to three significant
problems in the flat-file environment: data storage,
data updating, and currency of information
Task-data dependency- user’s inability to obtain
additional information as his or her needs change
Database Approach -This approach centralizes the
organization’s data into a common database that is
shared by other users. With the enterprise’s data in a
central location, all users have access to the data they
need to achieve their respective objectives. Through
data sharing, the traditional problems associated with
the flat-file approach may be overcome.
 Elimination of Data Storage Problem - Each
data element is stored only once, thereby
eliminating data redundancy and reducing data
collection and storage costs
 Elimination of Data Update Problem- Because
each data element exists in only one place, it
requires only a single update procedure. This
reduces the time and cost of keeping the
database current.
 Elimination of Currency Problem- A single
change to a database attribute is automatically
made available to all users of the attribute
 Elimination of Task-Data Dependency Problem
-The most striking difference between the
database model and the flat-file model is the
pooling of data into a common database that is
shared by all organizational users.
to the full domain of entity data, changes in
user information needs can be satisfied without
obtaining additional private data sets.
KEY ELEMENTS OF THE DATABASE
ENVIRONMENT
 Database Management System
 Program development - to create applications
to access the database.
 Backup and recovery- DBMS can recover to an
earlier version that is known to be correct
 Database usage reporting- captures statistics on
what data are being used, when they are used,
and who uses them
 Database access- The most important feature of
a DBMS is to permit authorized user access,
both formal and informal, to the database
Data definition language (DDL) is a
programming language used to define the
database to the DBMS. The DDL identifies the
names and the relationship of all data elements,
records, and files that constitute the database.
This definition has three levels, called views: the
physical internal view, the conceptual view
(schema), and the user view (subschema).
Database Views
Internal View/Physical View. This is the lowest
level of representation, which is one step
removed from the physical database. This
internal view describes the structures of data
records, the linkages between files, and the
physical arrangement and sequence of records
in a file. There is only one internal view for the
database.
Database Views Internal View/Physical View.
The physical arrangement of records in the
database is presented through the internal
view. This is the lowest level of representation,
which is one step removed from the physical
database. This internal view describes the
structures of data records, the linkages
between files, and the physical arrangement
 and sequence of records in a file. There is only
one internal view or the database.
External View/User View (Subschema). The
subschema or user view, defines the user’s
section of the database—the portion that an
individual user is authorized to access
 Users
Data manipulation Language(DML) is the
proprietary programming language that a
particular DBMS uses to retrieve, process, and
store data. Entire user programs may be written
in the DML or, alternatively, selected DML
commands can be inserted into programs that
are written in universal languages, such as
JAVA, C++, and even older languages such as
COBOL and FORTRAN.
A query is an ad hoc access methodology for
extracting information from a database. Users
can access data via direct query, which requires
no formal user programs using the DBMS’s
built-in query facility.
IBM’s Structured Query Language (SQL) (often
pronounced sequel or S-Q-L), has emerged as
the standard query language for both
mainframe and microcomputer DBMSs. SQL is a
fourth-generation, nonprocedural language
(English-like commands) with many commands
that allow users to input, retrieve, and modify
data easily
Database administrator (DBA). The DBA is
responsible for managing the database
resource. The sharing of a common database by
multiple users requires organization,
coordination, rules, and guidelines to protect
the integrity of the database.
Data structures are the bricks and mortar of the
database
Data Organization of a file refers to the way
records are physically arranged on the
secondary storage device, this may be either
sequential or random
Data Access Methods - is the technique used to
locate records and to navigate through the
database
Data Attribute/Field. A data attribute (or field)
is a single item of data, such as customer’s
name, account balance, or address
Entity. An entity is a database representation of
an individual resource, event, or agent about
which we choose to collect data.
Record Type (Table or File). When we group
together the data attributes that logically define
an entity, they form a record type
Navigational Databases. The hierarchical data
model is called a navigational data- base
because traversing the files requires following a
predefined path.
The Network Model - Like the hierarchical
model, the network model is a navigational
database with explicit linkages between records
and files. The distinction is that the network
model permits a child record to have multiple
parents.
The Relational Model - The relational model
portrays data in the form of two-dimensional
tables
Partitioned database approach splits the
central database into segments or partitions
that are distributed to their primary user
Deadlock is a permanent condition that must
be resolved by special software that analyzes
each deadlock condition to determine the best
solution, can result in transactions being
incompletely processed and the database being
corrupted.
Resolving a deadlock usually involves
terminating one or more transactions to
complete processing of the other transactions
in the deadlock.
Replicated databases are effective in
companies where there exists a high degree of
data sharing but no primary user
Database concurrency is the presence of
complete and accurate data at all user sites
CONTROLLING AND AUDITING DATA
MANAGEMENT SYSTEMS
 Access controls are designed to prevent Checkpoint facility suspends all data processing
unauthorized individuals from viewing, while the system reconciles the transaction log
retrieving, corrupting, or destroying the entity’s and the database change log against the
data. database.
Backup controls ensure that in the event of Recovery module uses the logs and backup files
data loss due to unauthorized access, to restart the system after a failure.
equipment failure, or physical disaster the
organization can recover its database.
The user view or subschema is a subset of the
total database that defines the user’s data
domain and provides access to the database
Data base authorization table contains rules
that limit the actions a user can take
User-defined procedure allows the user to
create a personal security program or routine to
provide more positive user identification than a
single password

Audit Procedures for Testing Database Access

Controls
 Responsibility for Authority Tables and
Subschemas.
 Appropriate Access Authority
 Biometric Controls.
 Inference Controls.
 Encryption Controls.
 Backup Controls

Audit Procedures for Testing Flat-File Backup

Controls
 Sequential File (GPC) Backup- select a sample
of systems and determine from the system
documentation that the number of GPC backup
files specified for each system is adequate.
 Backup Transaction Files- verify through
physical observation that transaction files used
to reconstruct the master files are also retained
 Direct Access File Backup - should select a
sample of applications and identify the direct
access files being updated in each system
 Off-Site Storage- verify the existence and
adequacy of off-site storage.

Transaction log feature provides an audit trail

of all processed transactions.