Chapter 16 Security

Chapter 16 - Objectives
- The scope of database security.
- Why database security is a serious concern for an organization.
- The types of threat that can affect a database system.
- How to protect a computer system using computer-based controls.
- How to protect a computer system using non-computer-based controls.
- The purpose and main stages of risk analysis.
- The purpose of data protection and privacy laws.

Database Security
- Data is a valuable resource that must be strictly controlled and managed, as with any corporate resource.
- Part or all of the corporate data may have strategic importance and therefore needs to be kept secure and confidential.
- Database security – Protection of the database against intentional or unintentional threats using computer-based or non-computer-based controls.
- Security considerations do not apply only to the data held in a database. Breaches of security may affect other parts of the system (operating system, network, application software, hardware, people), which may in turn affect the database.

Database Security
Involves measures to avoid:
- Theft and fraud
- Loss of confidentiality (secrecy)
- Loss of privacy
- Loss of integrity
- Loss of availability

Threat – Any situation or event, whether intentional or unintentional, that will adversely affect a system and consequently an organization.

Examples of Threats
(table not reproduced in this extract)

Summary of Threats to Computer Systems
(figure not reproduced in this extract)

Typical Multi-user Computer Environment
(figure not reproduced in this extract)

Countermeasures – Computer-Based Controls
- Authorization
- Views
- Backup and recovery
- Integrity
- Encryption
- Associated procedures

Countermeasures – Computer-Based Controls
- Authorization – The granting of a right or privilege that enables a subject to legitimately have access to a system or a system's object.
- Authentication – A mechanism that determines whether a user is who he or she claims to be. Authorization decisions are only meaningful once the subject has been authenticated.
- View – The dynamic result of one or more relational operations operating on the base relations to produce another relation.
  A view is a virtual relation that does not actually exist in the database, but is produced upon request by a particular user, at the time of request. Because a user can be granted access to a view without being granted access to the underlying base relations, a view can hide selected rows or columns (for example a salary column) from that user.

Countermeasures – Computer-Based Controls
- Backup – Process of periodically taking a copy of the database and log file (and possibly programs) to offline storage media.
- Journaling – Process of keeping and maintaining a log file (or journal) of all changes made to the database, to enable effective recovery in the event of failure.
- Checkpointing – Point of synchronization between the database and the transaction log file. All buffers are force-written to secondary storage, so that recovery only needs to redo work logged after the last checkpoint.
- Integrity – Prevents data from becoming invalid, hence giving misleading or incorrect results.

Countermeasures – Computer-Based Controls
- Encryption – The encoding of the data by a special algorithm that renders the data unreadable by any program without the decryption key.
- Associated procedures:
  - Authorization and authentication
  - Backup
  - Recovery
  - Audit
  - Installation of new application software
  - Installation/upgrading of system software

Countermeasures – Non-Computer-Based Controls
Concerned with matters such as policies, agreements, and other administrative controls, and includes:
- Security policy and contingency plan
- Personnel controls
- Secure positioning of equipment
- Escrow agreements
- Maintenance agreements
- Physical access controls

Authentication – User and Group Identifiers
(figure not reproduced in this extract)

Authentication – Access Control Matrix
(figure not reproduced in this extract)

Security Policy Coverage
- The area of the business it covers.
- Responsibilities and obligations of employees.
- The disciplinary action that will result from breaches of the policy.
- Procedures that must be followed.

Contingency Plan Coverage
- Key personnel and how to contact them.
- Who decides that a contingency exists.
- Technical requirements of transferring operations to other site(s).
- Operational requirements of transferring operations to other site(s).
- Any important external contacts.
- Whether insurance exists to cover the situation.
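The authorization, view and access control matrix countermeasures introduced earlier in this chapter can be seen working together in the following added example, which is not part of the original slides. It uses Python's built-in sqlite3 module; because SQLite has no GRANT statement, the access control matrix is held and enforced in the application layer. The Staff table, the StaffContact view, the two subjects and their privileges are all constructed for the example.

```python
import sqlite3

# Access control matrix (subject -> object -> privileges). The subjects, the Staff
# table and the StaffContact view are constructed for this example.
ACCESS_MATRIX = {
    "hr_manager":   {"Staff": {"SELECT", "UPDATE"}},
    "receptionist": {"StaffContact": {"SELECT"}},   # may use the view, not the base table
}


def build_db():
    """Create an in-memory database with a base relation and a restricting view."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE Staff (
            staffNo  TEXT PRIMARY KEY,
            fName    TEXT, lName TEXT, position TEXT,
            salary   REAL, branchNo TEXT);
        INSERT INTO Staff VALUES
            ('SL21', 'John', 'White', 'Manager',   30000, 'B005'),
            ('SG37', 'Ann',  'Beech', 'Assistant', 12000, 'B003');
        -- Virtual relation: same rows, but the salary column is not projected,
        -- so a subject confined to the view cannot read it.
        CREATE VIEW StaffContact AS
            SELECT staffNo, fName, lName, position, branchNo FROM Staff;
    """)
    return con


CON = build_db()


def authorize(subject, obj, privilege):
    """Authorization check: is (subject, object, privilege) in the access control matrix?"""
    return privilege in ACCESS_MATRIX.get(subject, {}).get(obj, set())


def columns_of(obj, con=CON):
    """Column names that a table or view exposes (obj must be a known object name)."""
    return [d[0] for d in con.execute(f"SELECT * FROM {obj}").description]


def attempt(subject, obj, columns, con=CON):
    """Run SELECT <columns> FROM <obj> on behalf of an already authenticated subject.

    Returns ("ok", rows), ("denied", reason) or ("error", reason)."""
    if not authorize(subject, obj, "SELECT"):
        return "denied", f"{subject} has no SELECT privilege on {obj}"
    # obj passed the matrix check, so it is a known object name; the requested
    # columns are whitelisted against the object's schema before being placed in
    # the statement. Data values would always be passed as bound parameters.
    unknown = [c for c in columns if c not in columns_of(obj, con)]
    if unknown:
        return "error", f"column(s) not in {obj}: {', '.join(unknown)}"
    try:
        rows = con.execute(f"SELECT {', '.join(columns)} FROM {obj}").fetchall()
    except sqlite3.Error as exc:
        return "error", str(exc)
    return "ok", rows
```

The receptionist can list staff through StaffContact but cannot touch Staff at all, and asking the view for salary fails because the column simply does not exist in the virtual relation. In a DBMS with SQL privileges the same effect is obtained with GRANT SELECT ON StaffContact TO receptionist and no grant on Staff.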
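The backup-and-recovery slides define journaling and checkpointing but do not show how they combine at recovery time. The following added example (not from the original slides) simulates a write-ahead journal, a checkpoint that force-writes buffers to "disk", a crash that wipes main memory, and a redo-based recovery that replays only committed changes logged since a point the checkpoint record determines. The transactions T1 to T3, the single in-process "disk", the assumption that the log itself survives the crash, and the no-steal buffer policy (only committed pages are ever forced to disk) are simplifications chosen for the example.

```python
class RecoverableDB:
    """Toy database showing journaling (write-ahead log), checkpointing and redo recovery.

    Assumptions (not from the original slides): one in-process 'disk', a log that
    survives a crash, and a no-steal policy so that only committed pages reach disk.
    """

    def __init__(self):
        self.disk = {}      # pages on secondary storage; survives a crash
        self.log = []       # journal of all changes; assumed durable
        self.active = {}    # tid -> {key: value}: uncommitted writes (volatile)
        self.dirty = {}     # committed pages not yet forced to disk (volatile)

    def begin(self, tid):
        self.log.append(("BEGIN", tid))
        self.active[tid] = {}

    def write(self, tid, key, value):
        # Write-ahead rule: the journal record is written before the buffer changes.
        self.log.append(("WRITE", tid, key, value))
        self.active[tid][key] = value

    def commit(self, tid):
        self.log.append(("COMMIT", tid))
        self.dirty.update(self.active.pop(tid))

    def checkpoint(self):
        # Synchronization point: force-write all committed buffers to disk and record
        # which transactions were still active, so recovery knows how far back to redo.
        self.disk.update(self.dirty)
        self.dirty.clear()
        self.log.append(("CHECKPOINT", sorted(self.active)))

    def read(self, key):
        return self.dirty.get(key, self.disk.get(key))

    def crash(self):
        # Everything in main memory is lost; disk and log survive.
        self.active.clear()
        self.dirty.clear()

    def recover(self):
        # 1. Locate the last checkpoint record.
        cp = max((i for i, rec in enumerate(self.log) if rec[0] == "CHECKPOINT"), default=-1)
        active_at_cp = set(self.log[cp][1]) if cp >= 0 else set()
        # 2. Redo must start at the earliest BEGIN of a transaction that was still
        #    active at the checkpoint: its earlier writes were never forced to disk.
        start = cp + 1
        for i, rec in enumerate(self.log):
            if rec[0] == "BEGIN" and rec[1] in active_at_cp:
                start = min(start, i)
                break
        # 3. Redo the writes of transactions that committed; writes of transactions
        #    that never committed (T3 in the scenario below) are ignored.
        committed = {rec[1] for rec in self.log[start:] if rec[0] == "COMMIT"}
        for rec in self.log[start:]:
            if rec[0] == "WRITE" and rec[1] in committed:
                self.disk[rec[2]] = rec[3]
        return dict(self.disk)


def crash_and_recover_scenario():
    """Run a constructed sequence of transactions, crash, and recover.

    Returns (disk as the crash left it, disk after recovery)."""
    db = RecoverableDB()
    db.begin("T1"); db.write("T1", "x", 1); db.commit("T1")
    db.begin("T2"); db.write("T2", "y", 2)
    db.checkpoint()                            # forces x=1 to disk; T2 still active
    db.write("T2", "z", 3); db.commit("T2")
    db.begin("T3"); db.write("T3", "x", 99)    # never commits
    db.crash()
    before = dict(db.disk)                     # only x=1 made it to disk
    after = db.recover()
    return before, after
```

The scenario is the case that trips up a naive "replay everything after the checkpoint" rule: T2's write of y happened before the checkpoint but T2 had not committed, so y is not on disk. Recording the active transaction set in the checkpoint record lets recovery start redo at T2's BEGIN, while T3's uncommitted write is correctly discarded.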
Escrow Agreement
- Legal contract concerning software, made between developers and clients, whereby a third party holds the source code for the client's applications.
- The client can acquire the source code if the developer goes out of business, ensuring that the client is not left with non-maintainable systems.
- Often overlooked and under-managed.

Escrow Agreement Issues
- Type of contents deposited.
- Update process and timing.
- Details of any third-party software used.
- Whether verification of the deposit is required.
- Conditions governing the release of the deposit.
- Details of the release process.

PC Security
- PCs are moved easily and are normally located on employees' desks, often with no access controls other than those that apply to the building or area.
- Security includes:
  - Use of keyboard lock.
  - Use of user identifier and/or password.
  - Procedures to control access to floppy discs.
  - Procedures to reduce the risk of virus infection.

Database and Web Security Measures
- Proxy servers
- Firewalls
- Message digest algorithms and digital signatures
- Digital certificates
- Kerberos
- Secure Sockets Layer (SSL) and Secure HTTP (S-HTTP)

Security in Statistical Databases
- Typically used to generate statistical information on various populations of data.
- Details of individual records should remain confidential and not be accessible.
- The main problem is how to assess whether answers to legal queries (aggregates such as COUNT and SUM over a population) can be used to infer the answers to illegal queries (values belonging to an identifiable individual).

Security Strategies in Statistical Databases
- Preventing queries on only a few entries (query-set-size restriction). On its own this is weak: two queries whose query sets are each large enough, but differ by exactly one record, reveal that record by subtraction.
- Randomly perturbing the query result so that it contains an error but approximates the true response.
- Using only a random sample of the matching records to answer the query.
- Maintaining a query profile and rejecting queries that use a high number of records identical to those used in previous queries.

Stages of Risk Analysis
- Establish a security team.
- Define the scope of the analysis and obtain system details.
- Identify all existing countermeasures.
- Identify and evaluate all assets.
- Identify and assess all threats and risks.
- Select countermeasures, undertake a cost/benefit analysis, and compare with existing countermeasures.
- Make recommendations.
- Test the security system.

Data Protection and Privacy Laws
- Concerns personal data and the rights of individuals with respect to their personal data.
- Legislation attempts to protect individuals from abuse, and to enable organizations (both public and private) to carry out their lawful activities or duties.
- Privacy – The right of an individual not to have personal information collected, stored, and disclosed either wilfully or indiscriminately.
- Data protection – Protection of personal data from unlawful acquisition, storage, and disclosure, and provision of the safeguards to avoid the destruction or corruption of legitimate data.
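Returning to the statistical-database slides above, the following added example (not part of the original slides) makes the inference problem concrete. A statistical interface answers only SUM queries, yet two permitted queries whose query sets differ by one person reveal that person's salary. The same class then implements three of the four listed strategies: a minimum query-set size, random perturbation of the answer, and a query profile that rejects queries overlapping too much with earlier ones. The population, the attribute names and the thresholds are constructed for the example; the random-sample strategy is not implemented.

```python
import random

# Constructed population for the example (not real data).
PEOPLE = [
    {"name": "Ann",  "dept": "Sales",    "sex": "F", "salary": 40000},
    {"name": "Bob",  "dept": "Sales",    "sex": "M", "salary": 42000},
    {"name": "Cara", "dept": "Sales",    "sex": "F", "salary": 45000},
    {"name": "Dan",  "dept": "Research", "sex": "M", "salary": 60000},
    {"name": "Eve",  "dept": "Research", "sex": "F", "salary": 65000},  # only woman in Research
    {"name": "Finn", "dept": "Research", "sex": "M", "salary": 62000},
    {"name": "Gus",  "dept": "Admin",    "sex": "M", "salary": 30000},
    {"name": "Hana", "dept": "Admin",    "sex": "F", "salary": 31000},
]


class QueryRefused(Exception):
    pass


class StatDB:
    """Statistical interface exposing only aggregates, with optional inference controls."""

    def __init__(self, rows, min_query_set=1, max_overlap=None, noise=0, seed=0):
        self.rows = rows
        self.min_query_set = min_query_set  # refuse queries matching fewer rows than this
        self.max_overlap = max_overlap      # refuse if more rows than this are shared with a prior query
        self.noise = noise                  # bound of the random perturbation added to each answer
        self.rng = random.Random(seed)      # seeded only so the example is reproducible
        self.profile = []                   # query sets answered so far

    def _query_set(self, pred):
        matched = frozenset(i for i, r in enumerate(self.rows) if pred(r))
        if len(matched) < self.min_query_set:
            raise QueryRefused("query set too small")
        if self.max_overlap is not None:
            for prev in self.profile:
                if len(matched & prev) > self.max_overlap:
                    raise QueryRefused("too much overlap with a previous query")
        self.profile.append(matched)
        return matched

    def sum(self, field, pred):
        total = sum(self.rows[i][field] for i in self._query_set(pred))
        return total + self.rng.randint(-self.noise, self.noise)


def direct_query(db):
    """The 'illegal' query: sum over a query set containing only Eve."""
    try:
        return db.sum("salary", lambda r: r["dept"] == "Research" and r["sex"] == "F")
    except QueryRefused:
        return None


def tracker_attack(db):
    """Infer Eve's salary from two 'legal' queries whose query sets differ only by her."""
    try:
        research = db.sum("salary", lambda r: r["dept"] == "Research")
        research_men = db.sum("salary", lambda r: r["dept"] == "Research" and r["sex"] == "M")
    except QueryRefused:
        return None
    return research - research_men
```

With no controls both the direct query and the subtraction give 65000. A minimum query-set size of 2 refuses the direct query but not the attack, since both of its queries match at least two people; the overlap control catches it because the second query set is entirely contained in the first. Perturbation keeps the attack's answer within twice the noise bound, which is only useful if the bound is large relative to the values being protected, and overlap control refuses many legitimate queries as well. Each strategy is therefore a trade-off between utility and confidentiality rather than a complete fix.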