Managing Multi-User Databases (3)
-
Upload
rogan-reid -
Category
Documents
-
view
22 -
download
2
description
Transcript of Managing Multi-User Databases (3)
Managing Multi-User
Databases (3)IS 240 – Database Management
Lecture #20 2004-04-27Prof. M. E. Kabay, PhD, CISSP
Norwich University
2 Copyright © 2004 M. E. Kabay. All rights reserved.
Topics
Fundamentals of Information SecurityDatabase SecurityDatabase RecoveryManagement Issues
3 Copyright © 2004 M. E. Kabay. All rights reserved.
Fundamentals of IA
The Classic TriadConfidentialityIntegrityAvailability
The Parkerian HexadPossessionAuthenticityUtility
Information Assurance (IA)
4 Copyright © 2004 M. E. Kabay. All rights reserved.
The Classic Triad
C
I A
5 Copyright © 2004 M. E. Kabay. All rights reserved.
Confidentiality
Restricting access to dataProtecting against unauthorized disclosure of
existence of dataE.g., allowing industrial spy to deduce
nature of clientele by looking at directory names
Protecting against unauthorized disclosure of details of dataE.g., allowing 13-yr old girl to examine
HIV+ records in Florida clinic
C
6 Copyright © 2004 M. E. Kabay. All rights reserved.
Integrity
Internal consistency, validity, fitness for useAvoiding physical corruption
E.g., database pointers trashed or data garbledAvoiding logical corruption
E.g., inconsistencies between order header total sale & sum of costs of details
C I
7 Copyright © 2004 M. E. Kabay. All rights reserved.
Availability
Timely access to dataAvoid delays
E.g., prevent system crashes & arrange for recovery plans
Avoid inconvenienceE.g., prevent mislabeling of files
C I
A
8 Copyright © 2004 M. E. Kabay. All rights reserved.
Problem: Missing Elements
Which principle of the C-I-A triad has been breached whenA child takes bank card with password in
envelope but does not open it?Someone sends threat to President using
your e-mail address but not your e-mail logon?
Someone converts all the salary figures in your database to Iraqi Dinars?
ANSWER: NONE OF THEM – THE TRIAD IS INSUFFICIENT TO DESCRIBE SECURITY BREACHES
9 Copyright © 2004 M. E. Kabay. All rights reserved.
The Parkerian Hexad
Protect the 6 atomic elements of INFOSEC:
ConfidentialityPossession or control IntegrityAuthenticityAvailabilityUtility
10 Copyright © 2004 M. E. Kabay. All rights reserved.
Why “Parkerian?”
Donn G. Parker
Recipient of Lifetime Achievement Award from NCSC in 1993
11 Copyright © 2004 M. E. Kabay. All rights reserved.
Possession
Control over informationPreventing physical contact with data
E.g., case of thief who recorded ATM PINs by radio (but never looked at them)
Preventing copying or unauthorized use of intellectual propertyE.g., violations by software pirates
C P I
A
12 Copyright © 2004 M. E. Kabay. All rights reserved.
Authenticity
Correspondence to intended meaningAvoiding nonsense
E.g., part number field actually contains cost
Avoiding fraudE.g., sender's name on e-mail is changed
to someone else's
C P A
Au Av
13 Copyright © 2004 M. E. Kabay. All rights reserved.
Utility
Usefulness for specific purposesAvoid conversion to less useful form
E.g., replacing dollar amounts by foreign currency equivalent
Prevent impenetrable codingE.g., employee encrypts source code and
"forgets" decryption key
C P I
Au Av
U
14 Copyright © 2004 M. E. Kabay. All rights reserved.
Functions of IA (1)
Avoidance: e.g., prevent vulnerabilities and exposures
Deterrence: make attack less likelyDetection: quickly spot attackPrevention: prevent exploitMitigation: reduce damageTransference: shift control for resolution
15 Copyright © 2004 M. E. Kabay. All rights reserved.
Functions of IA (2)
Investigation: characterize incidentSanctions & rewards: punish guilty,
encourage effective respondersRecovery: immediate response, repairCorrection: never againEducation: advance knowledge and teach
others
16 Copyright © 2004 M. E. Kabay. All rights reserved.
Information Assurance (IA)
Avoid
Deter
Detect
Prevent
Mitigate
Transfer
Investigate
Punish/reward
Recover
Correct
Educate
17 Copyright © 2004 M. E. Kabay. All rights reserved.
Database Security
Processing Rights I&A Individuals & User GroupsApplication Security
18 Copyright © 2004 M. E. Kabay. All rights reserved.
Processing Rights
Who gets to do what to which records?Different functions
Modify DB structureGrant rights to usersChange records
DeleteModify (change)Insert
See entire recordsSee selected fields
MORE POWER / DANGER
LESS POWER / DANGER
19 Copyright © 2004 M. E. Kabay. All rights reserved.
I&A: Identification & Authentication
Each individual user has unique identifierUser ID for operating system logonUser ID for DBMS access
Connection between user ID and actual person is known as authentication based onWhat you knowWhat you haveWhat you areWhat you do
User IDs should never be shared
20 Copyright © 2004 M. E. Kabay. All rights reserved.
Individuals & User Groups
Individual users may have specific rightsCall this authorization or privileges for specific
functions Can also define rights for groups of people (aka role-
based security)Call these user groups; e.g.,
Human resources clerks vs HR managersAccounting book-keepers vs Accounting
managersManagers for different departments
May define “public” or “visitor” group if necessaryProvide safe privileges for specific functionsE.g., lookups, interactions for requesting info,
subscribing to newsletter….
21 Copyright © 2004 M. E. Kabay. All rights reserved.
Application Security
DBMS security may not suffice for specific applications
Business rules may be more complex than simply assigning privileges according to identity; e.g.,Some patient records may be accessible to
nurse or doctor only while they are treating a specific patient
Some financial information may be locked while SEC is performing an audit
Such requirements are programmed at the application level
22 Copyright © 2004 M. E. Kabay. All rights reserved.
Topics
Database SecurityDatabase RecoveryManagement Issues
23 Copyright © 2004 M. E. Kabay. All rights reserved.
Database Recovery
TransactionsApplication LoggingTransactions and Log FilesBackups & Log FilesRecovery from BackupsRecovery from Log Files
24 Copyright © 2004 M. E. Kabay. All rights reserved.
Transactions
What are transactions?Why would we care if a transaction were
interrupted by a DBMS failure or a system failure?
25 Copyright © 2004 M. E. Kabay. All rights reserved.
Application Logging
Benefits of loggingAudit trail for security / investigationsPerformance dataDebugging
What might a logging process write into the log file when a process is
Adding a record?
Changing a record?
Deleting a record?
26 Copyright © 2004 M. E. Kabay. All rights reserved.
Transactions and Log Files
Why would it matter to anyone that a log file keep a distinction among different transactions?
How does a log file mark an atomic transaction?
27 Copyright © 2004 M. E. Kabay. All rights reserved.
Backups & Log Files
Distinguish among the following types of backups:System vs applicationFull (everything)Differential (aka Partial) (everything changed
since last full) Incremental (everything changed since last
incremental)Delta (only changed data)Log files (only the information about the
changes)
28 Copyright © 2004 M. E. Kabay. All rights reserved.
Backup Types
File SUN MON TUE WED THU FRI SAT
A
B
C
D
E
Backup Type SUN MON TUE WED THU FRI SAT
FULL ABCDE ABCDE ABCDE ABCDE ABCDE ABCDE ABCDE
DIFFERENTIAL A AB ABD ABCD ABCDE ABCDE
INCREMENTAL A B AD ABCD CDE ABC
DELTA (records) A' B' A'D' A'B'C'D' C'D'E' A'B'C'
29 Copyright © 2004 M. E. Kabay. All rights reserved.
Recovery from Backups
Discuss how one would use each of the following types of backup in recovering from a system failureFullDifferentialIncrementalDelta
30 Copyright © 2004 M. E. Kabay. All rights reserved.
Recovery from Log Files
Roll-backward recoveryUse log file to identify interrupted
(incomplete) transactions using checkpoints
How? ____________________________Remove all changes that are part of those
incomplete transactionsRoll-forward recovery
Start with valid backupUse log file to re-apply all completed
transactionsLeave out the incomplete transactions
Which kind is faster?_____________________
31 Copyright © 2004 M. E. Kabay. All rights reserved.
Topics
Database SecurityDatabase RecoveryManagement Issues
32 Copyright © 2004 M. E. Kabay. All rights reserved.
Management Issues
Performance Inflection pointsCapacityApplication Evolution
33 Copyright © 2004 M. E. Kabay. All rights reserved.
Performance Management
Log files help DBAs monitor and improve application and system performanceIdentify application errors quicklyIdentify operators with high error ratesCalculate response times on different
serversCan monitor trends in
transaction volumesResponse times
Look for inflection points and study reasons
34 Copyright © 2004 M. E. Kabay. All rights reserved.
Inflection Points
Watch for changes in slopeAlways find out why pattern has changed
Time
Re
so
urc
e ?
35 Copyright © 2004 M. E. Kabay. All rights reserved.
Capacity
Same reasoning: look for trends in disk space usage
Identify which applications are growing fastest
Project when you will need to increase storage capacity
Never let a database fill up to maximum capacity
Be curious about any sudden change in rate of growth – find out if there are problems
36 Copyright © 2004 M. E. Kabay. All rights reserved.
Application Evolution
All applications must changeEnvironment changes
Operating systems / DBMS versionsRegulations & lawsBusiness needs
Therefore databases changeDBAs must plan to meet demands for change
Keep track of structure, usageDefine data repository
Full metadata about all organization data systems
37 Copyright © 2004 M. E. Kabay. All rights reserved.
Homework
Finish very carefully reading all of Chapter 11 using the full SQ3R techniques.
REQUIRED by MONDAY NOON 3rd May (hand in at B&M office) for 26 pointsGroup I Questions #11.37 through 11.49ALL remaining outstanding homework is
due by that date. No further extensions.MK will return all homework to B&M office
by Tuesday NOON OPTIONAL also by Monday 3rd May for 3 extra
points each11.52 and/or 11.53 on p. 327
38 Copyright © 2004 M. E. Kabay. All rights reserved.
Final Exam
Thursday 6 May 200408:00-10:30Dewey 211Covers entire course materialT/F, short answer, diagrams, short essay,
39 Copyright © 2004 M. E. Kabay. All rights reserved.
DISCUSSION