
PRESENTATION BY:

GROUP 1
MEMBERS:

ABUBAKAR
AGASCON
AGCAOILI
APACIBLE
BAMBA
TALATALA
UNITO
VALENZUELA J.
VALLAREZ
YANG
4 PICS 1 WORD
ANSWER: DATABASE
ANSWER: SECURITY
ANSWER: PLANNING

DATABASE SECURITY AND INTEGRITY
PLANNING FOR SECURITY
OBJECTIVE:

WHAT IS DATABASE SECURITY
DANGERS FOR DATABASE
DATABASE SECURITY METHODOLOGY
WHAT IS DATA INTEGRITY
2 TYPES OF DATA INTEGRITY
DIFFERENCES BETWEEN DATABASE SECURITY AND DATA INTEGRITY

OBJECTIVE:

INFORMATION SECURITY POLICIES
POLICIES
INCIDENT RESPONSE PLANNING
INCIDENT RESPONSE
INCIDENT DETECTION
INCIDENT REACTION
INCIDENT CONTAINMENT STRATEGIES
INCIDENT RECOVERY

DATABASE SECURITY

Database security entails allowing or disallowing user actions on the database and the objects within it. The DBMS contains discretionary access control, which regulates all user access to named objects through privileges.

DANGERS FOR DATABASE

SECURITY VULNERABILITY
[Diagram] Security vulnerabilities: User Maker; Software; Design and Implementation; Installation and Configuration

SECURITY RISK
[Diagram] Database security risks: Access; Viruses; Data Leakage; Password

SECURITY THREAT
[Diagram] Database security threats: Malicious Code; People; Technological Disasters; Natural Disasters

DATABASE SECURITY METHODS

DATABASE COMPONENTS PROTECTED: SECURITY METHODS

1. PEOPLE
- Physical limit to access hardware and documents.
- Through the process of identification and authentication, make sure the right user is going to access the information.
- Establishment of security policies and procedures.

2. APPLICATIONS
- Authentication of users who access the application
- Apply business rules
- A single sign-on

3. NETWORK
- Network firewall to block the intruders
- VPN
- Network authentication

4. OPERATING SYSTEM
- Authentication
- Password policy
- User accounts

5. DATA FILES
- File/folder permissions
- Access monitoring

DATA INTEGRITY

Data integrity refers to the overall completeness, accuracy and consistency of data. Data integrity has two types: physical and logical.

PHYSICAL INTEGRITY

Physical integrity is the protection of the wholeness and accuracy of that data as it’s stored and retrieved. When natural disasters strike, power goes out, or hackers disrupt database functions, physical integrity is compromised. Human error, storage erosion, and a host of other issues can also make it impossible for data processing managers, system programmers, applications programmers, and internal auditors to obtain accurate data.

Challenges: electromechanical faults, physical design flaws, natural disasters, etc.

LOGICAL INTEGRITY

Concerned with referential integrity and entity integrity in a relational database.

Challenges: software bugs, design flaws, and human errors.
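
Added example (not part of the original slides): entity and referential integrity enforced by the database itself, using Python's built-in sqlite3 module. The customer/orders tables and their rows are constructed for illustration; the second database shows that SQLite accepts an orphan row when foreign-key enforcement is left off, and how an audit query finds it afterwards.

```python
import sqlite3

# Constructed schema and rows, for illustration only.
SCHEMA = """
CREATE TABLE customer (
    code TEXT NOT NULL PRIMARY KEY,      -- entity integrity: unique, non-null key
    name TEXT NOT NULL
);
CREATE TABLE orders (
    id            INTEGER PRIMARY KEY,
    customer_code TEXT NOT NULL
                  REFERENCES customer(code) ON DELETE RESTRICT  -- referential integrity
);
INSERT INTO customer VALUES ('C1', 'Alice');
INSERT INTO orders VALUES (100, 'C1');
"""

def build_db(enforce_fk=True):
    """In-memory database; SQLite checks foreign keys only when the pragma is on."""
    db = sqlite3.connect(":memory:")
    db.execute(f"PRAGMA foreign_keys = {'ON' if enforce_fk else 'OFF'}")
    db.executescript(SCHEMA)
    return db

def try_sql(db, sql):
    """Run one statement; return 'ok' or the constraint violation SQLite reports."""
    try:
        with db:  # commit on success, roll back on error
            db.execute(sql)
        return "ok"
    except sqlite3.IntegrityError as exc:
        return str(exc)

def orphan_rows(db):
    """Audit query: child rows whose parent is missing, as (table, rowid) pairs."""
    return [(row[0], row[1]) for row in db.execute("PRAGMA foreign_key_check")]

def demo():
    strict, lax = build_db(True), build_db(False)
    return {
        "null_key": try_sql(strict, "INSERT INTO customer VALUES (NULL, 'Nobody')"),
        "duplicate_key": try_sql(strict, "INSERT INTO customer VALUES ('C1', 'Mallory')"),
        "orphan_strict": try_sql(strict, "INSERT INTO orders VALUES (101, 'C9')"),
        "delete_parent": try_sql(strict, "DELETE FROM customer WHERE code = 'C1'"),
        "orphan_lax": try_sql(lax, "INSERT INTO orders VALUES (101, 'C9')"),
        "audit_lax": orphan_rows(lax),
    }

if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check}: {outcome}")
```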


DIFFERENCE BETWEEN DATA SECURITY AND DATA INTEGRITY

Data security refers to the protection of data against unauthorized access or corruption and is necessary to ensure data integrity. That said, data integrity is a desired result of data security, but the term data integrity refers only to the validity and accuracy of data rather than the act of protecting data.

PLANNING FOR SECURITY

INFORMATION SECURITY POLICIES

Form the basis for all IS security planning.
Direct how issues should be addressed.
Don't specify proper operation of equipment or software.
Should never contradict law.
Obligate personnel to function in a manner that adds to the security of info.
Least expensive control to execute.
Most difficult to implement properly.
Stand up in court if challenged.
Be properly administered through dissemination and documented acceptance.

POLICIES

SECURITY POLICY
Set of rules that protects an organization's assets.

INFORMATION SECURITY POLICY
Set of rules that protects an organization's information assets.

THREE TYPES:
General or Enterprise
Issue-Specific
System-Specific

INCIDENT RESPONSE PLANNING

Activities to be performed when an incident has been identified.

WHAT IS AN INCIDENT?
If an action threatens information and is completed.

CHARACTERISTICS:
Directed against information assets.
Realistic chance of success.
Threatens the confidentiality, integrity or availability of info.

INCIDENT RESPONSE

Set of activities taken to plan for, detect, and correct the impact.

INCIDENT PLANNING
Requires understanding BIA scenarios.
Develop a series of predefined responses.
Enables the org to react quickly.

INCIDENT RESPONSE

INCIDENT DETECTION

Mechanisms: intrusion detection systems, virus detection, system administrators, end users.

INCIDENT DETECTION

POSSIBLE INDICATORS

Presence of unfamiliar files
Execution of unknown programs or processes
Unusual consumption of computing resources
Unusual system crashes

INCIDENT DETECTION

PROBABLE INDICATORS

Activities at unexpected times
Presence of new accounts
Reported attacks
Notification from IDS

INCIDENT DETECTION

DEFINITE INDICATORS

Use of dormant accounts
Changes to logs
Presence of hacker tools
Notification by partner or peer
Notification by hackers
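
Added example (not part of the original slides): a small triage pass that maps constructed account events to the probable and definite indicators listed above. The log format, the 30-day dormancy threshold and the 07:00-19:59 expected hours are assumptions made for the example.

```python
from datetime import datetime, timedelta

# Constructed sample events (not real logs): "<timestamp> <event> <account>"
SAMPLE_LOG = """\
2024-01-10T10:03:00 login bob
2024-02-12T09:12:00 login alice
2024-03-04T09:30:00 login alice
2024-03-05T02:47:00 login alice
2024-03-05T03:05:00 account_created svc_tmp
2024-03-06T11:20:00 login bob
"""

DORMANT_AFTER = timedelta(days=30)  # assumption: no login for 30 days = dormant
EXPECTED_HOURS = range(7, 20)       # assumption: normal activity is 07:00-19:59

def triage(log_text):
    """Return (tier, indicator, account, timestamp) findings in log order."""
    last_login = {}   # account -> datetime of its previous login
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, event, account = line.split()
        when = datetime.fromisoformat(stamp)
        if event == "account_created":
            findings.append(("probable", "presence of new account", account, stamp))
        elif event == "login":
            previous = last_login.get(account)
            # A first-seen account has no history here, so dormancy is unknown.
            if previous is not None and when - previous > DORMANT_AFTER:
                findings.append(("definite", "use of dormant account", account, stamp))
            if when.hour not in EXPECTED_HOURS:
                findings.append(("probable", "activity at unexpected time", account, stamp))
            last_login[account] = when
    return findings

def highest_tier(findings):
    """Escalation level for the batch: definite outranks probable outranks none."""
    tiers = {tier for tier, *_ in findings}
    return "definite" if "definite" in tiers else "probable" if "probable" in tiers else "none"

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(*finding)
    print("escalation:", highest_tier(triage(SAMPLE_LOG)))
```
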

INCIDENT DETECTION

PREDEFINED SITUATION

Loss of availability
Loss of integrity
Loss of confidentiality
Violation of policy
Violation of law

INCIDENT REACTION

-ACTIONS OUTLINED IN THE IRP
-GUIDE THE ORGANIZATION
    Stop the incident
    Mitigate the impact
    Provide information recovery
-NOTIFY KEY PERSONNEL
-DOCUMENT INCIDENT

INCIDENT CONTAINMENT STRATEGIES

Sever affected communication circuits
Disable accounts
Reconfigure firewall
Disable process or service
Take down email
Stop all computers and network devices
Isolate affected channels, processes, services, or computers.

INCIDENT RECOVERY

-GET EVERYONE MOVING AND FOCUSED
-ASSESS DAMAGE
-RECOVERY
    Identify and resolve vulnerabilities
    Address safeguards
    Evaluate monitoring capabilities
    Restore data from backups
    Restore process and services
    Continuously monitor system
    Restore confidence

THANK YOU
EVERYONE!
