Mercy Nungari
GS180289BSIT
CAT 1 AND 2
1.a
System Threats
They include:
Failure to update systems, particularly when a patch is issued, is a serious database security risk.
Whenever public notice is given about a new patch, hackers are made aware of a weakness and
look for systems that have not yet been updated. Therefore, staying on top of software updates is
vital.
Injections
This is a very common database security vulnerability attack, which exploits a web software
weakness to enable various activities such as account impersonation; manipulating user actions;
and accessing the database.
Malware
Malware can infect various devices, and lead to legitimate users enabling the theft of data as the
malicious code embedded in their device uses their access abilities to penetrate an organization.
Neglected Databases
One of the top database security threats is the lack of protection for backup storage media.
Forgotten databases, or new ones that the security team does not know about, can be a serious
database security and integrity threat.
Credential Threats
Employing substandard password management and authentication methods can allow identity
theft, brute force attacks, and social engineering schemes such as phishing.
Privilege Threats
Another database security risk can occur when an administrator provides a user with rights
beyond what they actually need, or when a user abuses their access rights. In either case,
databases can be improperly accessed through unintended consequences of legitimate privileges.
Similarly, by exploiting low-level access permissions, a skilled attacker can gain entry to high-
level privileges.
1.b
I.
Capabilities
The data in a database can be accessed from anywhere using a mobile database. It
provides wireless database access.
The database systems are synchronized using mobile databases and multiple users can
access the data with seamless delivery process.
Mobile databases require very little support and maintenance.
The mobile database can be synchronized with multiple devices such as mobiles,
computer devices, laptops etc.
Limitations
The mobile data is less secure than data that is stored in a conventional stationary
database. This presents a security hazard.
The mobile unit that houses a mobile database may frequently lose power because of
limited battery. This should not lead to loss of data in database.
II.
Data caching - this is where data is made available to user queries under limited bandwidth.
Solution
Semantic data caching - this is whereby the client maintains a semantic description of
the data in its cache instead of maintaining a list of tables and tuples. The server
processes simple predicates on the database and the results are cached at the client.
Data broadcast - this is whereby a set of most frequently accessed data is made available
by continuously broadcasting it on some fixed radio frequency. The contents of the
broadcast reflect the data demand of the mobile units.
Solution
This can be achieved through data access histories, which can be fed into the data
broadcasting system. For efficient access, the broadcast file uses an index or some other
method.
Data classification
This deals with how the mobile database system looks at the data in the database. For
example, in Location Dependent Data (LDD), the value of the location determines the
correct value of the data, e.g. City tax and City area.
Solution
Location binding and location mapping-they can be achieved through database schema or
location mapping table.
2.a
Some critical security capabilities are bundled with relational database platforms: identity
management, access control and network communication encryption are common examples. But
that leaves off many critical services, such as the monitoring of user activity, SQL injection
protection and vulnerability assessments. In other cases, what's provided is simply not suitable.
For instance, database-generated audit trails often lack the information needed for compliance
reports, and built-in encryption is often too slow and too difficult to integrate.
In addition, the database security gap widens when RDBMS customer requirements are taken
into account, as organizations often need protection for more than a single type of database.
Single platform products don't play well when an enterprise has sensitive information in many
types of databases. In fact, most firms run Oracle next to Postgres and MySQL, or DB2, Sybase
and SQL Server -- with each platform serving their own particular and critical business functions.
2.b
Database security encompasses a range of security controls designed to protect the Database
Management System (DBMS). The types of database security measures your business should use
include protecting the underlying infrastructure that houses the database (such as the network and
servers), securely configuring the DBMS, and the access to the data itself.
Data accessibility refers to a user's ability to access or retrieve data stored within a database or
other repository. Users who have data access can store, retrieve, move or manipulate stored data,
which can be stored on a wide range of hard drives and external devices. This can be a database
security issue as it means that the database is vulnerable to attacks and exposure of sensitive data.
c.
Database users may have different privileges. However, users may abuse them and here are the
major types of privilege abuses: excessive privilege abuse, legitimate privileges abuse and
unused privilege abuse. Excessive privileges always create unnecessary risks.
This is a type of attack when a malicious code is embedded in frontend (web) applications and
then passed to the backend database. As the result of SQL injections cybercriminals get
unlimited access to any data being stored in a database.
It’s a good practice to make backups of proprietary databases at defined periods of time.
However, surprisingly database back-up files are often left completely unprotected from attack.
As a result, there are numerous security breaches happening through database backup leaks.
This type of attack slows down a database server and can even make it unavailable to all users.
Despite the fact that a DoS attack doesn’t disclose the contents of a database, it may cost the
victims a lot of time and money. Moreover, what’s the use of a database if you can’t use or
access it.
Lack of Security Expertise and Education-breach against integrity
Databases get breached and leaked due to insufficient level of IT security expertise and
education of non-technical employees who may break basic database security rules and put
databases at risk. IT security personnel may also lack the expertise required to implement
security controls, enforce policies, or conduct incident response processes.
d.
Database security metric is a standard of measurement that enables quantification of the degree
of safety of a database. It measures how likely a database system is to suffer damage from attack.
b.
For a database metric to be effective and efficient the organization has to be able to:
Fully comprehend the metrics-Defining a metric is similar to telling a joke – if you have
to spend too much time explaining it then it will not work. Employees need to understand
the metric, how they can influence it and what is expected of them.
Gain management support and approval-The successful implementation of any new
metric requires the approval and interest of senior managers. They have to lead the
culture change from the top. Using a new set of metrics to measure performance is a
change that may well attract resistance from across the company, so high-level
endorsement and open communication is needed to get everyone on board.
Understand the exact information required of all the metrics-It’s not unusual for
companies to set a metric, only to discover that either their processes or tools (or both)
cannot generate the data they need. It could mean some investment is required, but be
clear about how much the business will benefit from having the metric before spending
money. Metrics need to be reliable and give out the same answer no matter who
calculates it.
Measure and share the results-It may seem a little obvious, but a large number of
companies go to the trouble of designing metrics and buying expensive tools, and then do
not actually do very much with the results. Usually it is because too many metrics have
been set. So keep it manageable – it is better to have five meaningful metrics that the
organization will use than 50 that it won’t. Use metrics to learn from others. Never
hesitate to contact another person in the company and ask how they are progressing.
Conduct a regular review and update the metrics-When implementing metrics, don’t
forget that the organization will need to revise its metrics from time to time. The process
is needed because businesses evolve and changes will surface as time goes by. Make sure
the metrics still measure what they intended to measure. After all, if the metrics are out of
date, then what is the purpose of retaining them?
5.a
A security framework is designed based on the core facets of database security mechanisms
(CIA) to help address the issues of confidentiality, integrity and authenticity as well as
availability of data.
b.
As the need for securing databases has also increased, database security frameworks help in
achieving the primary objectives of database security through Confidentiality, Integrity and
Availability. The primary objectives of database security are to prevent unauthorized access to
data, prevent unauthorized tampering or modification of data, and to ensure that the data
remains available whenever needed.
c.
i.
COBIT is the framework for the governance of enterprise IT. COBIT (Control Objectives for
Information and Related Technology) helps organisations meet business challenges in the areas
of regulatory compliance, risk management and aligning IT strategy with organisational goals.
COBIT 5 is based on five principles that are essential for the effective management and
governance of enterprise IT:
These five principles enable an organisation to build a holistic framework for the governance and
management of IT that is built on seven ‘enablers’:
Together, the principles and enablers allow an organisation to align its IT investments with its
objectives to realise the value of those investments.
ii. Project Quant is supposed to be a database security framework. At this stage it seems to
be a decent outline of security in general, although there doesn't appear to be much in
place that is particular to database security as a specialty.
Project Quant – an open model/method development project being done in conjunction
with Rich Mogull of Securosis with the goal of developing a cost model for patch
management response that accurately reflects the financial and resource costs associated
with the process of evaluating and deploying software updates (patch management).
What is needed is a model that captures these and many other aspects of patch management
policies and operational realities that is also flexible enough to model small businesses as well as
very large corporations. Project Quant is an effort to get the ball rolling in that effort.
6.a
i. A computer security model is a scheme for specifying and enforcing security policies. A
security model may be founded upon a formal model of access rights, a model of
computation, a model of distributed computing, or no particular theoretical grounding at
all. A computer security model is implemented through a computer security policy.
ii. The primary purpose of a security model is to provide the necessary level of
understanding for a successful implementation of key security requirements.
b.
Access control is a security model that regulates who or what can view or use resources in a
computing environment. It is a fundamental concept in security that minimizes risk to the
business or organization. The purpose of access control must always be clear. It can be achieved
through the following:
Authentication
The client has to establish the identity of the server and the server has to establish the identity of
the client. This is done often by means of shared secrets (either a password/user-id combination,
or shared biographic and/or biometric data). It can also be achieved by a system of higher
authority which has previously established authentication. In client-server systems where data
(not necessarily the database) is distributed, the authentication may be acceptable from a peer
system.
Authorisation
Authorisation relates to the permissions granted to an authorised user to carry out particular
transactions, and hence to change the state of the database (write-item transactions) and/or receive
data from the database (read-item transactions). The result of authorisation, which needs to be on
a transactional basis, is a vector: Authorisation (item, auth-id, operation). A vector is a sequence
of data values at a known location in the system. How this is put into effect is down to the DBMS
functionality. At a logical level, the system structure needs an authorisation server, which needs
to co-operate with an auditing server. There is an issue of server-to-server security and a problem
with amplification as the authorisation is transmitted from system to system. Amplification here
means that the security issues become larger as a larger number of DBMS servers are involved in
the transaction.
Discretionary control is where specific privileges are assigned on the basis of specific assets,
which authorised users are allowed to use in a particular way. The security DBMS has to
construct an access matrix including objects like relations, records, views and operations for each
user - each entry separating create, read, insert and update privileges. This matrix becomes very
intricate as authorisations will vary from object to object.
Mandatory control is authorisation by level or role. A typical mandatory scheme is the four-level
government classification of open, secret, most secret and top secret. The related concept is to
apply security controls not to individuals but to roles - so the pay clerk has privileges because of
the job role and not because of personal factors.
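The authorisation vector, the discretionary access matrix and the four-level mandatory scheme described above can be combined in one decision function. The following is an added example, not part of the original answer; the class, the sample users and items, and the rule that the level check applies to every operation are assumptions made for illustration.

```python
from dataclasses import dataclass, field

LEVELS = ["open", "secret", "most secret", "top secret"]  # lowest to highest
OPERATIONS = {"create", "read", "insert", "update"}       # privileges named in the text

@dataclass
class AuthorisationServer:
    matrix: dict = field(default_factory=dict)          # (auth_id, item) -> set of operations
    clearance: dict = field(default_factory=dict)       # auth_id -> level
    classification: dict = field(default_factory=dict)  # item -> level
    audit_log: list = field(default_factory=list)       # stands in for the auditing server

    def grant(self, auth_id, item, *operations):
        unknown = set(operations) - OPERATIONS
        if unknown:
            raise ValueError(f"unknown operations: {sorted(unknown)}")
        self.matrix.setdefault((auth_id, item), set()).update(operations)

    def authorise(self, item, auth_id, operation):
        """Decide one Authorisation(item, auth-id, operation) vector and audit it."""
        # Discretionary control: is this operation in the matrix cell for the user and object?
        discretionary = operation in self.matrix.get((auth_id, item), set())
        # Mandatory control by level (assumed rule: clearance must reach the item's level).
        # Fail closed: unknown users get the lowest level, unknown items the highest.
        subject = LEVELS.index(self.clearance.get(auth_id, LEVELS[0]))
        obj = LEVELS.index(self.classification.get(item, LEVELS[-1]))
        decision = discretionary and subject >= obj
        self.audit_log.append((item, auth_id, operation, decision))
        return decision

def demo_server():
    """Constructed sample data: two users, two items."""
    srv = AuthorisationServer()
    srv.classification.update({"payroll": "secret", "staff_directory": "open"})
    srv.clearance.update({"pay_clerk": "secret", "intern": "open"})
    srv.grant("pay_clerk", "payroll", "read", "update")
    srv.grant("intern", "staff_directory", "read")
    srv.grant("intern", "payroll", "read")  # over-broad discretionary grant
    return srv
```

The over-broad grant to `intern` is refused by the level check, which shows why the two controls are evaluated together and why every decision is written to the audit trail.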
c.
Example
Implementing in Oracle:
Creating a proxy user called APP_PROXY that will be assigned to all application roles
and will work on behalf of the application user APP_USER to gain access to all tables
owned by the application owner called APP_OWNER.
ii. Security Model Based on Application Roles
The concepts of an application role security model are similar to those of a database
role security model in that they are both methods for organizing and administrating
privileges. Application roles are typically mapped specifically to real business roles.
APPLICATION_USERS: This is used to store and maintain all end users of the
application with their encrypted passwords.
APPLICATION_ROLES: All roles defined by the application, and for each role a
privilege is assigned. The privilege can be read, write, or read/write.
The security model that is based on application roles depends on the application to
authenticate the application users. Authentication is accomplished by maintaining all end
users in a table with their encrypted password. In this model, each end user is assigned an
application role, and the application role is provided with application privileges to
read/write specific modules of the application.
Privileges are limited to any combination of the following:
read, add, delete, update, admin.
This model isolates the application security from the database, which makes the
implementation database independent. Only one role is assigned to an application user.
Maintenance of the application security does not require specific database privilege. This
lowers the risk of database violation.
Example
This model does not allow the flexibility required to make changes necessary for security.
For example a user called Scott who has a clerk role, and the clerk has privileges to read,
add, and modify. This means that Scott can perform these operations on all modules of
the application.
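The two tables and the Scott example above, as a runnable sketch that is added here and is not part of the original answer. It uses Python's sqlite3 in place of Oracle and stores a salted PBKDF2 hash where the text says "encrypted password"; the column names, helper functions and sample password are assumptions.

```python
import hashlib
import hmac
import os
import sqlite3

PRIVILEGES = {"read", "add", "delete", "update", "admin"}  # the list given in the text

def open_store():
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")
    db.executescript("""
        CREATE TABLE APPLICATION_ROLES (
            role_name  TEXT PRIMARY KEY,
            privileges TEXT NOT NULL              -- comma-separated subset of PRIVILEGES
        );
        CREATE TABLE APPLICATION_USERS (
            user_name TEXT PRIMARY KEY,
            salt      BLOB NOT NULL,
            pw_hash   BLOB NOT NULL,
            role_name TEXT NOT NULL REFERENCES APPLICATION_ROLES(role_name)  -- one role per user
        );
    """)
    return db

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def add_role(db, role, privileges):
    unknown = set(privileges) - PRIVILEGES
    if unknown:
        raise ValueError(f"unknown privileges: {sorted(unknown)}")
    db.execute("INSERT INTO APPLICATION_ROLES VALUES (?, ?)",
               (role, ",".join(sorted(privileges))))

def add_user(db, user, password, role):
    salt = os.urandom(16)
    db.execute("INSERT INTO APPLICATION_USERS VALUES (?, ?, ?, ?)",
               (user, salt, _hash(password, salt), role))

def is_allowed(db, user, password, module, action):
    row = db.execute(
        "SELECT u.salt, u.pw_hash, r.privileges FROM APPLICATION_USERS u "
        "JOIN APPLICATION_ROLES r ON r.role_name = u.role_name "
        "WHERE u.user_name = ?", (user,)).fetchone()
    if row is None or not hmac.compare_digest(row[1], _hash(password, row[0])):
        return False
    # `module` plays no part in the decision: a role's privileges cover every module.
    return action in row[2].split(",")

def demo_store():
    db = open_store()
    add_role(db, "clerk", {"read", "add", "update"})
    add_user(db, "scott", "constructed-password", "clerk")  # constructed sample user
    return db
```

Because `is_allowed` never consults `module`, Scott's clerk privileges hold in every module, which is the inflexibility the example above points out.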
7.
a.
Database security architecture can be defined as the overall design of the acceptable
database security mechanism by use of a database security strategy to ensure a secure
database management system (DBMS).
b.
i. Trusted subject architecture - it assumes a trusted Database Management System
(DBMS) and a trusted Operating System. It is used in many DBMSs such as Sybase
and Informix.
[Figure: Trusted DBMS, Trusted OS, Database]
ii. Woods Hole architectures - it assumes the Operating System is trusted but the DBMS is
untrusted.
[Figure: Untrusted DBMS, Database]
iii. It has three variants:
Integrity lock architecture, kernelized architecture and replicated architecture
[Figure: Trusted filter, Cryptographic unit, Untrusted DBMS, Database]
Kernelized architecture
[Figure: Trusted OS, Database]
Replicated architecture