Database Security
Security Architecture
Objectives
• Define security
• Describe an information system and its components
• Define database management system functionalities
• Outline the concept of information security
Objectives (continued)
• Identify the major components of information security architecture
• Define database security
• List types of information assets and their values
• Describe security methods
Security
• Database security: degree to which data is fully protected from tampering or unauthorized acts
• Comprises information system and information security concepts
Information Systems
• Wise decisions require:
– Accurate and timely information
– Information integrity
• Information system: comprised of components working together to produce and generate accurate information
• Categorized based on usage
Information Systems (continued)
• Information system components include:
– Data
– Procedures
– Hardware
– Software
– Network
– People
Information Systems (continued)
• Client/server architecture:
– Based on the business model
– Can be implemented as one-tier; two-tier; n-tier
– Composed of three layers
• Tier: physical or logical platform
• Database management system (DBMS): collection of programs that manage a database
Database Management
• Essential to success of information system
• DBMS functionalities:
– Organize data
– Store and retrieve data efficiently
– Manipulate data (update and delete)
– Enforce referential integrity and consistency
– Enforce and implement data security policies and procedures
– Back up, recover, and restore data
Database Management (continued)
• DBMS components include:
– Data
– Hardware
– Software
– Networks
– Procedures
– Database servers
Information Security
• Information is one of an organization’s most valuable assets
• Information security: consists of procedures and measures taken to protect information systems components
• C.I.A. triangle: confidentiality, integrity, availability
• Security policies must be balanced according to the C.I.A. triangle
Confidentiality
• Addresses two aspects of security:
– Prevention of unauthorized access
– Information disclosure based on classification
• Classify company information into levels:
– Each level has its own security measures
– Usually based on degree of confidentiality necessary to protect information
Integrity
• Consistent and valid data, processed correctly, yields accurate information
• Information has integrity if:
– It is accurate
– It has not been tampered with
• Read consistency: each user sees only his changes and those committed by other users
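Read consistency as defined above, shown with two database sessions. This is an added example, not part of the original slides; it assumes SQLite through Python's sqlite3 module, and the account table and its values are constructed for the demonstration.

```python
import os
import sqlite3
import tempfile


def read_consistency_demo():
    """Return what each session sees around a commit and a rollback."""
    seen = {}
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "demo.db")  # constructed sample database
        # isolation_level=None: transactions are opened and closed explicitly.
        writer = sqlite3.connect(path, isolation_level=None)
        reader = sqlite3.connect(path, isolation_level=None)

        def balance(conn):
            rows = conn.execute(
                "SELECT balance FROM account WHERE id = 1").fetchall()
            return rows[0][0]

        writer.execute(
            "CREATE TABLE account (id INTEGER PRIMARY KEY, balance INTEGER)")
        writer.execute("INSERT INTO account VALUES (1, 100)")

        # The writer changes the row but has not committed yet.
        writer.execute("BEGIN")
        writer.execute("UPDATE account SET balance = 250 WHERE id = 1")
        seen["writer_before_commit"] = balance(writer)  # its own change
        seen["reader_before_commit"] = balance(reader)  # last committed value
        writer.execute("COMMIT")
        seen["reader_after_commit"] = balance(reader)   # now visible

        # A change that is rolled back is never visible to the other session.
        writer.execute("BEGIN")
        writer.execute("UPDATE account SET balance = 0 WHERE id = 1")
        seen["reader_during_rollback_txn"] = balance(reader)
        writer.execute("ROLLBACK")
        seen["reader_after_rollback"] = balance(reader)

        writer.close()
        reader.close()
    return seen


if __name__ == "__main__":
    for step, value in read_consistency_demo().items():
        print(f"{step}: {value}")
```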
Availability
• Systems must always be available to authorized users
• The system determines what a user can do with the information
Availability (continued)
• Reasons for a system to become unavailable:
– External attacks and lack of system protection
– System failure with no disaster recovery strategy
– Overly stringent and obscure security policies
– Bad implementation of authentication processes
Information Security Architecture
• Protects data and information produced from the data
• Model for protecting logical and physical assets
• Is the overall design of a company’s implementation of C.I.A. triangle
Information Security Architecture (continued)
• Components include:
– Policies and procedures
– Security personnel and administrators
– Detection equipment
– Security programs
– Monitoring equipment
– Monitoring applications
– Auditing procedures and tools
Database Security
• Enforce security at all database levels
• Security access point: place where database security must be protected and applied
• Data requires highest level of protection; data access point must be small
Database Security (continued)
• Reducing access point size reduces security risks
• Security gaps: points at which security is missing
• Vulnerabilities: kinks in the system that can become threats
• Threat: security risk that can become a system breach
Database Security Levels
• Relational database: collection of related data files
• Data file: collection of related tables
• Table: collection of related rows (records)
• Row: collection of related columns (fields)
Menaces to Databases
• Security vulnerability: a weakness in any information system component
Menaces to Databases (continued)
• Security threat: a security violation or attack that can happen any time because of a security vulnerability
Menaces to Databases (continued)
• Security risk: a known security gap intentionally left open
Asset Types and Their Value
• Security measures are based on the value of each asset
• Types of assets include:
– Physical
– Logical
– Intangible
– Human
Security Methods
Database Security Methodology
Summary
• Security: level and degree of being free from danger and threats
• Database security: degree to which data is fully protected from unauthorized tampering
• Information systems: backbone of day-to-day company operations
Summary (continued)
• DBMS: programs to manage a database
• C.I.A. triangle:
– Confidentiality
– Integrity
– Availability
• Secure access points
• Security vulnerabilities, threats and risks
Summary (continued)
• Information security architecture
– Model for protecting logical and physical assets
– Company’s implementation of a C.I.A. triangle
• Enforce security at all levels of the database