Scribd Logo
Upload

Welcome to Scribd!

  • Managing Data Security: Data and Database Administration

    Uploaded by

    Patrick Ramos
    14 views6 pages
    This document discusses database security and managing data security. It covers threats to data such as human error, theft, and loss of privacy or integrity. It also discusses establishing security for client/server systems and web-enabled databases through various methods such as restricting users and ports, removing unneeded programs, and enforcing authorization rules and encryption. Database management systems help protect data through features like views, integrity controls, authentication schemes, and backups. The document also covers security policies and procedures related to personnel, physical access, maintenance, and data privacy controls.

    Original Description:

    Advanced Database Management Systems Reviewer

    Original Title

    ADBMS group1

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document discusses database security and managing data security. It covers threats to data such as human error, theft, and loss of privacy or integrity. It also discusses establishing security for client/server systems and web-enabled databases through various methods such as restricting users and ports, removing unneeded programs, and enforcing authorization rules and encryption. Database management systems help protect data through features like views, integrity controls, authentication schemes, and backups. The document also covers security policies and procedures related to personnel, physical access, maintenance, and data privacy controls.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    14 views6 pages

    Managing Data Security: Data and Database Administration

    Uploaded by

    Patrick Ramos
    This document discusses database security and managing data security. It covers threats to data such as human error, theft, and loss of privacy or integrity. It also discusses establishing security for client/server systems and web-enabled databases through various methods such as restricting users and ports, removing unneeded programs, and enforcing authorization rules and encryption. Database management systems help protect data through features like views, integrity controls, authentication schemes, and backups. The document also covers security policies and procedures related to personnel, physical access, maintenance, and data privacy controls.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 6

    Chapter 12:

    Data and Database Administration

    Managing Data Security


    Database Security

    Protection of the data against accidental or intentional loss, destruction, or misuse

    Threats to Data Security

    Threats to data security may be direct threats to the database

    Threats
    Accidental losses, including human error, software, and hardware-caused breaches
    Theft and fraud
    Loss of privacy or confidentially
    Loss of data integrity
    Loss of availability
    Establishing Client/Server Security

    Server Security

    Network Security

    Server Security
    Network Security

    Securing Client/Server systems includes securing the network between client and server

    consists of the provisions and policies adopted by a network administrator to prevent and
    monitor unauthorized access, misuse, modification, or denial of a computer network and networkaccessible resources

    Client/Server Security Issues for Web-Enabled Databases

    Web Security

    Web Privacy

    Web Security

    Involving browser security but also network security on a more general level as it applies to other
    applications or operating systems on a whole. Its objective is to establish rules and measures to
    use against attacks over the Internet.

    Additional Methods of Web Security:

    Restrict the number of users on the Web Server as much as possible.

    Restrict the to the Web server, keeping a minimum number of ports open.

    Remove any unneeded programs that load automatically when setting up the server.

    Web Privacy

    Involves the right or mandate of personal privacy concerning the storing, repurposing, provision
    to third-parties, and displaying of information pertaining to oneself via the Internet

    Aspects of Online Privacy

    Who is collecting the data ?

    What information is being collected and for what purpose ?

    Which information will be shared with others and who are those others ?

    Can users make changes in the way their data will be used by a collector ?

    How are disputes resolved ?

    What policies are followed for retaining data ?

    Where can the sites detailed policies be found in readable form ?

    Database Software Data Security Features

    Security Features of DMS

    Views or Subschemas, which restrict users view of the database

    Domains, assertions, checks, and other integrity controls defined as database objects, which are
    enforced by the DBMS during database querying and updating

    Authorization Rules, which identify users and restrict the actions they may take against a
    database

    User Defined Procedures, which define additional constraints or limitations in using a database

    Encryption Procedures , which encode data in an unrecognizable form

    Authentication schemes, which positively identify persons attempting to gain access to a database

    Back up, journaling, and checkpointing, capabilities, which facilitate recovery procedures

    Views

    Restrict the users View of Database

    Integrity Control

    Protect data from unauthorized use and update

    Authorization Rules

    Controls incorporated in the data management systems that restrict access to data and also restrict
    the actions that people may take when they access data

    User Defined Procedures

    User exits (or interfaces) that allow system designers to define their own security procedures n
    addition to the authorization rules

    Encryption

    The coding or scrambling of data so that humans cannot read them

    Is the process of encoding messages (or information) in such a way that eavesdroppers or hackers
    cannot read it, but that authorized parties can

    Authentication Schemes
    Factors
    1. Something the user knows, usually a password or personal identification number (PIN).
    2. Something the user possesses, such as a card or token.
    3. Some unique personal characteristic, such as a fingerprint or retinal scan.
    Authentication Schemes

    Authentication Schemes also called one factor, two factor or three factor authentication,
    depending on how many of these factors are employed. Authentication become stronger in
    proportion to the number of factors that are used

    Password

    The first line of defense is the use of password, which is one-factor authentication schemes.
    Is a secret word or string of characters that is used for user authentication to prove identity, or
    for access approval to gain access to a resource.

    Guidelines in Creating a Passwords


    Each password should be at least eight characters long
    Each password should consist of a combination of alphabetic and numeric characters
    Passwords should not be complete words and should not embed personal data such as birthdates
    Initial passwords should be random values, and passwords should be changed frequently
    Strong Authentication

    This scheme is much more secure than a simple passwords because it is quite difficult for an
    unauthorized person to obtain both factors at the same time.

    It requires two of the three factors

    Smart Card

    a credit card sized plastic card with an embedded microprocessor chip with the ability
    to store, process, and output electronic data in a secure manner

    Mediated Authentication

    A third-party mediated authentication systems, which establish user authenticity through a trusted
    authentication agent, such as Kerberos.

    Kerberos

    Developed at MIT

    Primary used in application-level protocols, such as TELNET or FTP, to provide user-to-host


    security

    Kerberos works by providing a secret key (Kerberos Ticket) to a qualified user that can then be
    embedded in any other network protocol

    Security policies and procedures


    4 types of Security Policies and Procedures
    Personnel Controls
    Physical Access Controls
    Maintenance Controls
    Data Privacy Controls
    Personnel Controls

    Adequate controls of personnel must be developed and followed, for the greatest threat to
    business security is often internal or external

    Physical Access Controls

    Limiting of access to particular areas within a building.

    It works with an access card or other devices that uses as a identification

    Maintenance Controls

    An area of control that helps to maintain data quality and availability but that is often overlooked
    is maintenance control.

    Data Privacy Controls

    Generally gives individuals the right to know what have been collected about them and to correct
    any errors in those data

    You might also like