
Managing Multi-User Databases (3)

Managing Multi-User Databases (3). IS 240 – Database Management Lecture #20 2004-04-27 Prof. M. E. Kabay, PhD, CISSP Norwich University mkabay@norwich.edu. Topics. Fundamentals of Information Security Database Security Database Recovery Management Issues. Fundamentals of IA.


Presentation Transcript


  1. Managing Multi-User Databases (3) IS 240 – Database Management Lecture #20 2004-04-27 Prof. M. E. Kabay, PhD, CISSP Norwich University mkabay@norwich.edu

  2. Topics • Fundamentals of Information Security • Database Security • Database Recovery • Management Issues

  3. Fundamentals of IA • The Classic Triad • Confidentiality • Integrity • Availability • The Parkerian Hexad • Possession • Authenticity • Utility • Information Assurance (IA)

  4. The Classic Triad C I A

  5. Confidentiality: restricting access to data • Protecting against unauthorized disclosure of existence of data • E.g., allowing industrial spy to deduce nature of clientele by looking at directory names • Protecting against unauthorized disclosure of details of data • E.g., allowing 13-yr old girl to examine HIV+ records in Florida clinic

  6. Integrity: internal consistency, validity, fitness for use • Avoiding physical corruption • E.g., database pointers trashed or data garbled • Avoiding logical corruption • E.g., inconsistencies between order header total sale & sum of costs of details

  7. Availability: timely access to data • Avoid delays • E.g., prevent system crashes & arrange for recovery plans • Avoid inconvenience • E.g., prevent mislabeling of files

  8. Problem: Missing Elements • Which principle of the C-I-A triad has been breached when • A child takes bank card with password in envelope but does not open it? • Someone sends threat to President using your e-mail address but not your e-mail logon? • Someone converts all the salary figures in your database to Iraqi Dinars? ANSWER: NONE OF THEM – THE TRIAD IS INSUFFICIENT TO DESCRIBE SECURITY BREACHES

  9. The Parkerian Hexad Protect the 6 atomic elements of INFOSEC: • Confidentiality • Possession or control • Integrity • Authenticity • Availability • Utility

  10. Why “Parkerian”? Donn G. Parker • Recipient of Lifetime Achievement Award from NCSC in 1993

  11. Possession: control over information • Preventing physical contact with data • E.g., case of thief who recorded ATM PINs by radio (but never looked at them) • Preventing copying or unauthorized use of intellectual property • E.g., violations by software pirates

  12. Authenticity: correspondence to intended meaning • Avoiding nonsense • E.g., part number field actually contains cost • Avoiding fraud • E.g., sender's name on e-mail is changed to someone else's

  13. Utility: usefulness for specific purposes • Avoid conversion to less useful form • E.g., replacing dollar amounts by foreign currency equivalent • Prevent impenetrable coding • E.g., employee encrypts source code and "forgets" decryption key

  14. Functions of IA (1) • Avoidance: e.g., prevent vulnerabilities and exposures • Deterrence: make attack less likely • Detection: quickly spot attack • Prevention: prevent exploit • Mitigation: reduce damage • Transference: shift control for resolution

  15. Functions of IA (2) • Investigation: characterize incident • Sanctions & rewards: punish guilty, encourage effective responders • Recovery: immediate response, repair • Correction: never again • Education: advance knowledge and teach others

  16. Information Assurance (IA) Avoid Deter Educate Detect Correct Prevent Recover Mitigate Punish/reward Transfer Investigate

  17. Database Security • Processing Rights • I&A • Individuals & User Groups • Application Security

  18. Processing Rights • Who gets to do what to which records? • Different functions (listed from MORE POWER / DANGER to LESS POWER / DANGER) • Modify DB structure • Grant rights to users • Change records • Delete • Modify (change) • Insert • See entire records • See selected fields

  19. I&A: Identification & Authentication • Each individual user has unique identifier • User ID for operating system logon • User ID for DBMS access • Connection between user ID and actual person is known as authentication based on • What you know • What you have • What you are • What you do • User IDs should never be shared

  20. Individuals & User Groups • Individual users may have specific rights • Call this authorization or privileges for specific functions • Can also define rights for groups of people (aka role-based security) • Call these user groups; e.g., • Human resources clerks vs HR managers • Accounting book-keepers vs Accounting managers • Managers for different departments • May define “public” or “visitor” group if necessary • Provide safe privileges for specific functions • E.g., lookups, interactions for requesting info, subscribing to newsletter….

  21. Application Security • DBMS security may not suffice for specific applications • Business rules may be more complex than simply assigning privileges according to identity; e.g., • Some patient records may be accessible to nurse or doctor only while they are treating a specific patient • Some financial information may be locked while SEC is performing an audit • Such requirements are programmed at the application level
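
An added example (not part of the lecture) of the layering described on slides 20 and 21: a group privilege check followed by an application-level business rule that a clinician may touch a patient record only while treating that patient. The table names, user IDs and timestamps are constructed for illustration, and SQLite stands in for the DBMS.

```python
import sqlite3

# Constructed sample data: user groups, group privileges, treatment assignments.
SCHEMA = """
CREATE TABLE users(user_id TEXT PRIMARY KEY, grp TEXT);
CREATE TABLE group_rights(grp TEXT, action TEXT);
CREATE TABLE treating(user_id TEXT, patient_id INTEGER, starts TEXT, ends TEXT);
INSERT INTO users VALUES ('nurse_a','nurse'),('doctor_b','doctor'),('clerk_c','hr_clerk');
INSERT INTO group_rights VALUES ('nurse','read'),('doctor','read'),('doctor','modify');
INSERT INTO treating VALUES
  ('nurse_a', 101, '2004-04-26T08:00', '2004-04-28T08:00'),
  ('doctor_b', 101, '2004-04-20T08:00', '2004-04-25T08:00');
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def may_access(db, user_id, action, patient_id, now):
    """Return (allowed, reason); `now` is an ISO-8601 timestamp string."""
    # Layer 1 (slide 20): does the user's group hold this privilege at all?
    # Unknown users and unlisted actions fall through to a denial.
    row = db.execute(
        "SELECT 1 FROM users u JOIN group_rights g ON g.grp = u.grp "
        "WHERE u.user_id = ? AND g.action = ?", (user_id, action)).fetchone()
    if row is None:
        return False, "group lacks privilege"
    # Layer 2 (slide 21): business rule the privilege table cannot express:
    # access only during an active treatment assignment for this patient.
    row = db.execute(
        "SELECT 1 FROM treating WHERE user_id = ? AND patient_id = ? "
        "AND starts <= ? AND ? < ends",
        (user_id, patient_id, now, now)).fetchone()
    if row is None:
        return False, "not currently treating this patient"
    return True, "ok"

if __name__ == "__main__":
    db = open_db()
    for who, act in [("nurse_a", "read"), ("doctor_b", "modify"), ("clerk_c", "read")]:
        print(who, act, may_access(db, who, act, 101, "2004-04-27T10:00"))
```

The doctor holds the stronger group privilege yet is refused because the treatment assignment has ended, which is the case a privilege table alone cannot express.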

  22. Topics • Database Security • Database Recovery • Management Issues

  23. Database Recovery • Transactions • Application Logging • Transactions and Log Files • Backups & Log Files • Recovery from Backups • Recovery from Log Files

  24. Transactions • What are transactions? • Why would we care if a transaction were interrupted by a DBMS failure or a system failure?

  25. Application Logging • Benefits of logging • Audit trail for security / investigations • Performance data • Debugging • What might a logging process write into the log file when a process is • Adding a record? • Changing a record? • Deleting a record?

  26. Transactions and Log Files • Why would it matter to anyone that a log file keep a distinction among different transactions? • How does a log file mark an atomic transaction?

  27. Backups & Log Files Distinguish among the following types of backups: • System vs application • Full (everything) • Differential (aka Partial) (everything changed since last full) • Incremental (everything changed since last incremental) • Delta (only changed data) • Log files (only the information about the changes)

  28. Backup Types

  29. Recovery from Backups • Discuss how one would use each of the following types of backup in recovering from a system failure • Full • Differential • Incremental • Delta

  30. Recovery from Log Files • Roll-backward recovery • Use log file to identify interrupted (incomplete) transactions using checkpoints • How? ____________________________ • Remove all changes that are part of those incomplete transactions • Roll-forward recovery • Start with valid backup • Use log file to re-apply all completed transactions • Leave out the incomplete transactions • Which kind is faster?_____________________
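
An added example (not part of the lecture) that carries out both recovery methods from slide 30 on one constructed log. The record layout (transaction ID, operation, key, before-image, after-image), the BEGIN/COMMIT markers and the account values are assumptions, and the log is scanned from its start rather than from a checkpoint.

```python
# Constructed log: (txn_id, op, key, before_image, after_image).
LOG = [
    ("T1", "BEGIN",  None,     None, None),
    ("T1", "UPDATE", "acct_A", 100,  70),
    ("T1", "UPDATE", "acct_B", 50,   80),
    ("T1", "COMMIT", None,     None, None),
    ("T2", "BEGIN",  None,     None, None),
    ("T2", "INSERT", "acct_C", None, 25),
    ("T3", "BEGIN",  None,     None, None),
    ("T3", "DELETE", "acct_B", 80,   None),
    ("T3", "COMMIT", None,     None, None),
    ("T2", "UPDATE", "acct_A", 70,   60),
    # failure happens here: T2 never reaches COMMIT
]
BACKUP = {"acct_A": 100, "acct_B": 50}   # valid backup taken before the log starts
CRASHED = {"acct_A": 60, "acct_C": 25}   # database contents at the moment of failure
DATA_OPS = {"INSERT", "UPDATE", "DELETE"}

def committed(log):
    """Transactions whose COMMIT marker made it into the log."""
    return {txn for txn, op, *_ in log if op == "COMMIT"}

def apply_image(state, key, image):
    """Write an image; None means the record does not exist."""
    if image is None:
        state.pop(key, None)
    else:
        state[key] = image

def roll_forward(backup, log):
    """Start from the backup and re-apply completed transactions only."""
    done, state = committed(log), dict(backup)
    for txn, op, key, before, after in log:
        if op in DATA_OPS and txn in done:
            apply_image(state, key, after)
    return state

def roll_backward(crashed, log):
    """Start from the failed database and undo incomplete transactions,
    newest change first, using the before-images."""
    done, state = committed(log), dict(crashed)
    for txn, op, key, before, after in reversed(log):
        if op in DATA_OPS and txn not in done:
            apply_image(state, key, before)
    return state

if __name__ == "__main__":
    print(roll_forward(BACKUP, LOG), roll_backward(CRASHED, LOG))
```

Both routes end in the same database state, with T2's insert and update absent because its transaction never completed.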

  31. Topics • Database Security • Database Recovery • Management Issues

  32. Management Issues • Performance • Inflection points • Capacity • Application Evolution

  33. Performance Management • Log files help DBAs monitor and improve application and system performance • Identify application errors quickly • Identify operators with high error rates • Calculate response times on different servers • Can monitor trends in • transaction volumes • Response times • Look for inflection points and study reasons

  34. Inflection Points • Watch for changes in slope • Always find out why pattern has changed [Figure: Resource vs. Time plot, annotated “?”]

  35. Capacity • Same reasoning: look for trends in disk space usage • Identify which applications are growing fastest • Project when you will need to increase storage capacity • Never let a database fill up to maximum capacity • Be curious about any sudden change in rate of growth – find out if there are problems

  36. Application Evolution • All applications must change • Environment changes • Operating systems / DBMS versions • Regulations & laws • Business needs • Therefore databases change • DBAs must plan to meet demands for change • Keep track of structure, usage • Define data repository • Full metadata about all organization data systems

  37. Homework • Finish very carefully reading all of Chapter 11 using the full SQ3R techniques. • REQUIRED by MONDAY NOON 3rd May (hand in at B&M office) for 26 points • Group I Questions #11.37 through 11.49 • ALL remaining outstanding homework is due by that date. No further extensions. • MK will return all homework to B&M office by Tuesday NOON • OPTIONAL also by Monday 3rd May for 3 extra points each • 11.52 and/or 11.53 on p. 327

  38. Final Exam • Thursday 6 May 2004 • 08:00-10:30 • Dewey 211 • Covers entire course material • T/F, short answer, diagrams, short essay,

  39. DISCUSSION
