AUTHENTICATION
Accounts have user IDs and passwords. Passwords are stored in an encrypted format in the data dictionary. Passwords include user passwords, whether across the network or local connections, server-to-server passwords, and database administrator passwords. Host-based authentication is based on the operating system’s user accounts, which are then passed on to the DBMS.
PRIVILEGES
New users must be given privileges before they can log on or execute any database operation. There are an impressive number of privileges that can be given, around 100 in all. Two types of privileges can be granted to users: system privileges and object privileges.
- System privileges allow a user to create or manipulate objects, but do not give access to actual database objects. System privileges allow a user to execute commands such as ALTER TABLE, CREATE TABLE, EXECUTE ANY PROCEDURE, and DELETE TABLE.
- Object privileges are used to allow access to a specific database object, such as a particular table or view, and are given at the view level. This allows an administrator to give users access to a chosen subset of columns or rows in a table, rather than the entire table. Oracle also allows for the use of the GRANT privilege, which allows a user to GRANT their privileges to another user or role for objects that they own.
ROLES
Roles are used to ease the management task of assigning a multitude of privileges to users. Roles are first created and then given sets of privileges that can be assigned to users and other roles. Users can be given multiple roles. It is much easier to create subsets of privileges that are organized into roles and then assign the role to one or more users. Roles can be protected with passwords. Roles that are protected with passwords require that a password be provided before activating a role unless it is the user’s default role. The password feature can be useful in situations where a user needs access to data through an application but it is not desirable to give the user direct access to the data through the use of a report writing tool, etc. The password can be supplied by the application, so the user never needs to know the password.
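The following Oracle SQL sketch is an added example, not part of the original answer. It ties the privilege and role descriptions together: a view limits the columns and rows, a password-protected role carries the object privilege, and the role is kept out of the user's default set so only the application can enable it. The schema `hr`, the user `alice`, the role `emp_reader` and the passwords are hypothetical placeholders.

```sql
-- Added example (Oracle SQL). All object names and passwords are constructed.

-- System privilege: lets the account connect, but grants no access to data.
CREATE USER alice IDENTIFIED BY "Placeholder#UserPw1";
GRANT CREATE SESSION TO alice;

-- Object access is granted on a view, so only a chosen subset of
-- columns and rows of HR.EMPLOYEES is exposed.
CREATE VIEW hr.emp_directory AS
  SELECT employee_id, first_name, last_name, department_id
  FROM   hr.employees
  WHERE  department_id = 50;

-- Password-protected role that carries the object privilege.
CREATE ROLE emp_reader IDENTIFIED BY "Placeholder#RolePw1";
GRANT SELECT ON hr.emp_directory TO emp_reader;
GRANT emp_reader TO alice;

-- A default role is enabled at logon without its password, so remove
-- it from the default set; otherwise the password protects nothing.
ALTER USER alice DEFAULT ROLE NONE;

-- Issued by the application inside alice's session. The password lives
-- in the application, not with the user.
SET ROLE emp_reader IDENTIFIED BY "Placeholder#RolePw1";

-- Checks an administrator can run afterwards:
SELECT role, authentication_type          -- expect PASSWORD
FROM   dba_roles
WHERE  role = 'EMP_READER';

SELECT granted_role, default_role         -- expect DEFAULT_ROLE = NO
FROM   dba_role_privs
WHERE  grantee = 'ALICE';

SELECT privilege, owner, table_name       -- expect SELECT on HR.EMP_DIRECTORY
FROM   dba_tab_privs
WHERE  grantee = 'EMP_READER';
```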
PROFILES
Profiles allow the administrator to place specific restrictions and controls on a number of system resources, password use, etc. These profiles can be defined, named, and then assigned to specific users or groups of users. There are two types of profiles:
- System resource profiles can be used to put user limits on certain system resources such as CPU time, the number of data blocks that can be read per session or program call, the number of concurrent active sessions, idle time, and the maximum connection time for a user. They can also define and enforce password rules such as password life, grace logins, and account lockout after a defined number of failed login attempts.
- Product profiles can be used to prevent users from accessing specific commands or all commands in Oracle SQL, SQL*Plus, SQL*Report Writer, and PL/SQL. Use of this option allows the administrator to do such things as prevent user access to the operating system (SQL*Plus HOST command), and to prevent unauthorized copying of data from one table to another (SQL*Plus COPY command).
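As an added example that is not part of the original answer, the Oracle SQL below defines one profile with the resource and password limits listed above, assigns it to a user, and disables the SQL*Plus HOST and COPY commands for that user through the product profile table. The user `clerk1`, the profile name and all limit values are constructed; the product profile table is assumed to have been installed in the SYSTEM schema.

```sql
-- Added example (Oracle SQL). Names and limit values are constructed.
CREATE USER clerk1 IDENTIFIED BY "Placeholder#UserPw2";
GRANT CREATE SESSION TO clerk1;

-- System resource profile: resource limits plus password rules.
CREATE PROFILE clerk_profile LIMIT
  SESSIONS_PER_USER          2        -- concurrent sessions
  CPU_PER_SESSION            60000    -- hundredths of a second
  LOGICAL_READS_PER_SESSION  100000   -- data blocks per session
  LOGICAL_READS_PER_CALL     10000    -- data blocks per call
  IDLE_TIME                  15       -- minutes
  CONNECT_TIME               480      -- minutes
  FAILED_LOGIN_ATTEMPTS      5        -- lock the account after 5 failures
  PASSWORD_LOCK_TIME         1        -- days the account stays locked
  PASSWORD_LIFE_TIME         90       -- days before the password expires
  PASSWORD_GRACE_TIME        7;       -- days of warning after expiry

ALTER USER clerk1 PROFILE clerk_profile;

-- Resource limits are enforced only while RESOURCE_LIMIT is TRUE;
-- password limits are enforced regardless of this setting.
ALTER SYSTEM SET RESOURCE_LIMIT = TRUE;

-- Product profile: block the SQL*Plus HOST and COPY commands for clerk1.
INSERT INTO system.product_user_profile (product, userid, attribute, char_value)
VALUES ('SQL*Plus', 'CLERK1', 'HOST', 'DISABLED');
INSERT INTO system.product_user_profile (product, userid, attribute, char_value)
VALUES ('SQL*Plus', 'CLERK1', 'COPY', 'DISABLED');
COMMIT;

-- Checks an administrator can run afterwards:
SELECT resource_name, resource_type, limit
FROM   dba_profiles
WHERE  profile = 'CLERK_PROFILE'
ORDER  BY resource_type, resource_name;

SELECT username, profile, account_status
FROM   dba_users
WHERE  username = 'CLERK1';
```

The product profile is read by SQL*Plus itself, so it restricts only sessions opened through that client; limits that must hold for every client belong in privileges, roles and the system resource profile.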
DATABASE SECURITY THREATS
A threat is any situation or event, whether intentional or unintentional, that will adversely affect a system and consequently an organization.
- Human Error - The risk with the highest incidence. Examples include entering incorrect transactions, failing to correct errors, using wrong data files during processing, and failing to carry out instructions in respect of security procedures.
- Technical Error - This is probably the second most common risk after human error. It involves malfunctioning of hardware, system software, application software or communications software.
- Natural Disasters - Fire, flooding, bombs, impact, lightning, etc.
- Deliberate Actions - Fraud. There is a wide variety of different methods by which such fraud can be committed.
- Commercial Espionage - When considering the value of data to competitors, the organization should consider how a particular item of data might complement other data which a competitor has obtained from publicly available sources.
- Malicious Damage - Disaffected employees destroying data; sabotage also falls under this heading.
SECURITY POLICY
A security policy will include the following:
- Identification of and qualification of risks
- Identification of counter-measures
- Costing of counter-measures
- Selection of counter-measures
- Implementation of counter-measures and drawing up of a contingency plan.
NB: Risk Analysis - A contingency can be defined as 'an unscheduled interruption of computing services that requires measures outside the day-to-day routine operating procedures'. A contingency plan must therefore provide for standby procedures so that operations can be performed while normal services are disrupted, recovery procedures, and personnel management policies.
ADMINISTRATIVE CONTROLS
- Building controls
- Contingency plans
- Secure positioning of equipment
- Physical access controls
- Personnel controls e.g. selection and division of responsibility.
DEVELOPMENT CONTROLS
When a database system is developed, there should be controls over the design, development and testing:
- Program testing, system testing and user department's acceptance testing
- Formal Technical Review - Controls over changes by use of configuration management
- Controls over file conversion - Standards are required for the documentation such as:
- Requirement Specification; Program Specification; Operations Manual, User Manual
- Legal Issues - legal contracts concerning software, Maintenance Agreements, Copyrights, Licenses, Privacy (Data Protection Act)
Kavungya answered the question on May 10, 2019 at 12:48