
DATABASE SECURITY AND AUDITING:

 Security violations and attacks are increasing globally at an annual average rate of 20%.
SECURITY

 Database security: degree to which data is fully protected from tampering or unauthorized acts

INFORMATION SYSTEM

 Information system: comprised of components working together to produce and generate accurate information
 Wise decisions require:
o Accurate and timely information
o Information integrity
 Categorized based on usage: low-level, mid-level and high-level

 Information system components include:

◦ Data
◦ Procedures
◦ Hardware
◦ Software
◦ Network
◦ People

 DBMS functionalities:
◦ Organize data
◦ Store and retrieve data efficiently
◦ Manipulate data (update and delete)
◦ Enforce referential integrity and consistency
◦ Enforce and implement data security policies and procedures
◦ Back up, recover, and restore data
INFORMATION SECURITY

 Information is one of an organization’s most valuable assets


 Information security: consists of procedures and measures taken to protect information systems components
 C.I.A. triangle: confidentiality, integrity, availability
CONFIDENTIALITY

 Addresses two aspects of security:


 ◦ Prevention of unauthorized access
 ◦ Information disclosure based on classification
 Classify company information into levels:
 ◦ Each level has its own security measures
 ◦ Usually based on degree of confidentiality necessary to protect information
INTEGRITY
 Consistent and valid data, processed correctly, yields accurate information
 Information has integrity if:

o It is accurate
o It has not been tampered with
 Two security violations:
◦ Confidential data is disclosed inappropriately
◦ An application to modify data was accessed inappropriately.

AVAILABILITY
 Systems must be always available to authorized users
 System determines what a user can do with the information
INFORMATION SECURITY ARCHITECTURE

 Protects data and information produced from the data



 Components include:
◦ Policies and procedures
◦ Security personnel and administrators
◦ Detection equipment
◦ Security programs
◦ Monitoring equipment
◦ Monitoring applications
◦ Auditing procedures and tools
DATABASE SECURITY

 Enforce security at all database levels


 Security access point: place where database security must be protected and applied
 Security gaps: points at which security is missing
 Vulnerabilities: kinks in the system that can become threats
 Threat: security risk that can become a system breach

MENACES TO DATABASES

 Security vulnerability: a weakness in any information system component


 Security threat: a security violation or attack that can happen any time because of a security vulnerability.
 Security risk: a known security gap left open.
ASSET TYPES AND THEIR VALUE

 Security measures are based on the value of each asset


 Types of assets include:
◦ Physical: tangible assets including buildings, cars, hardware, ...
◦ Logical: such as business applications, in-house programs, purchased software, databases, ...
◦ Intangible: business reputation, public confidence, ...
◦ Human: human skills, knowledge, expertise,
SQL Procedures, Triggers and Functions

 A stored procedure is a set of pre-compiled Structured Query Language (SQL) statements.


 A procedure always contains a name, parameter lists, and SQL statements.
 Stored procedures are declared using the following syntax:


 A function is a database object in SQL Server. It is also a set of SQL statements, one that accepts only input parameters and produces output as a single value or in tabular form.
 SQL functions are categorized into the following two categories:
1. Aggregate Functions
2. Scalar Functions
 The Aggregate Functions in SQL perform calculations on a group of values and then return a
single value. Following are a few of the most commonly used Aggregate Functions:

 The Scalar Functions in SQL are used to return a single value from the given input value. Following are a few of the most commonly used Scalar Functions:

 A trigger is a set of actions that are run automatically when a specified change operation (SQL
INSERT, UPDATE, or DELETE statement) is performed on a specified table.
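
Added example (not part of the original notes), written for the mysql command-line client: a stored procedure with a name, parameter list and SQL statements, plus a trigger that writes an audit row whenever a balance changes. The database appdb, the tables accounts and accounts_audit, the procedure adjust_balance and the account 'teller'@'localhost' are hypothetical.

```sql
-- Constructed schema; run inside a database named appdb (hypothetical).
CREATE TABLE accounts (
    account_id INT PRIMARY KEY,
    owner      VARCHAR(64)   NOT NULL,
    balance    DECIMAL(12,2) NOT NULL
);

CREATE TABLE accounts_audit (
    audit_id    BIGINT AUTO_INCREMENT PRIMARY KEY,
    account_id  INT           NOT NULL,
    old_balance DECIMAL(12,2) NOT NULL,
    new_balance DECIMAL(12,2) NOT NULL,
    changed_by  VARCHAR(288)  NOT NULL,  -- 'user@host' of the session
    changed_at  TIMESTAMP     NOT NULL DEFAULT CURRENT_TIMESTAMP
);

DELIMITER //
-- Trigger: fires automatically after each UPDATE on accounts.
-- USER() is the connected session account; CURRENT_USER() inside a
-- trigger would return the trigger's definer instead.
CREATE TRIGGER trg_accounts_balance_audit AFTER UPDATE ON accounts
FOR EACH ROW
BEGIN
    IF NEW.balance <> OLD.balance THEN
        INSERT INTO accounts_audit (account_id, old_balance, new_balance, changed_by)
        VALUES (OLD.account_id, OLD.balance, NEW.balance, USER());
    END IF;
END//

-- Stored procedure: a name, a parameter list, and SQL statements.
CREATE PROCEDURE adjust_balance(IN p_account_id INT, IN p_delta DECIMAL(12,2))
BEGIN
    UPDATE accounts
       SET balance = balance + p_delta
     WHERE account_id = p_account_id;
END//
DELIMITER ;

-- Least privilege: the (already existing) teller account may run the
-- procedure but holds no direct UPDATE privilege on the table.
GRANT EXECUTE ON PROCEDURE appdb.adjust_balance TO 'teller'@'localhost';

-- Constructed sample data and a call that produces one audit row.
INSERT INTO accounts VALUES (1, 'alice', 100.00);
CALL adjust_balance(1, -25.00);
SELECT account_id, old_balance, new_balance, changed_by FROM accounts_audit;
```

Because the trigger is attached to the table, the audit row is written whether the update comes through the procedure or from a direct UPDATE statement.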


Database Administration
Database administration refers to the whole set of activities performed by a database
administrator to ensure that a database is always available as needed.

 Responsibilities of Database Administration:


o Policy Formulation and Implementation
o Data Dictionary Management
o Training
o DBMS Support
o Database Design

Policy Formulation and Implementation

 Access Privileges
o Users should access the database only in ways in which they are entitled

 Security
o Access restrictions ensure that the database is secure.
o Passwords, encryption, and views implement security.
o Effective password protection is critical
 Planning for Disaster
o Databases can be harmed from hardware and software malfunctions, and outside forces
like floods and power outages.
 Archives
o An archive is a place where corporate data is kept.

Additional Responsibilities of DBA

 Training
o DBA gives training on the DBMS and how to access the database
 DBMS Support
o The DBA is charged with all aspects of a DBMS, including selection and management
 Database Design
o DBA is responsible for tuning the design and making changes that improve system
performance
DBA Responsibilities:
o Database Security
o Database Tuning
o Backup and Recovery
o Producing Reports from Queries

Types of DBA
o Development DBA
o Administrative DBA
o Data Warehouse DBA
o Data Architect

Administrative DBA

 Concerned with backups, security, patches, and replication.


Development DBA

 Works on building SQL queries, stored procedures, and so on, that meet the business needs.
Data Architect

 Designs schemas, builds tables, indexes, data structures and relationships.


Data Warehouse DBA

 This is a relatively new role, responsible for merging data from multiple sources into a data warehouse.
INTRODUCTION TO MYSQLDUMP TOOL

 The mysqldump tool allows you to make a backup of one or more databases by generating a text
file that contains SQL statements which can re-create the databases from scratch.
 The mysql tool is located in the root/bin directory of the MySQL installation directory.
Common Mysqldump options:

 --add-drop-table
 --add-locks
 --all-databases
 --create-options
 --databases
 --disable-keys
 --extended-insert
 --flush-logs
 --lock-tables
 --no-data
 --opt
 --quick
 --result-file
 --set-charset
 --tables
 --where
