By:
Jim Browning and
Adriaan Veldhuisen
Executive Summary
Introduction
Executive Summary
Authentication
Authorization
Data Security
10
11
Assurance
12
13
Endnotes
13
Personal Information
Protection Act (Japan)
The Japanese Personal Information
Protection Law requires that companies
operating in Japan develop and implement
Gramm-Leach-Bliley Act
Directives
ience to a customer.
Sarbanes-Oxley Act
information.
value
Owners
wish to minimize
to reduce
impose
Safeguards
that may
possess
that may be
reduced by
that
exploit
Vulnerabilities
may be aware of
leading to
Risk
Threat Agents
that
increase
give rise to
to
Threats
Assets
Teradata Database.
Common Criteria for Information Technology Security Evaluation, Part 1: Introduction and general model
warehouses.
Teradata Solutions Methodology, as
depicted in Figure 2, is a formal, proven,
Teradata Solutions
Methodology
Planning
Implementation
Production
Project Management
STRATEGY
RESEARCH
ANALYZE
DESIGN
EQUIP
BUILD
INTEGRATE
MANAGE
Opportunity
Assessment
Business
Value
Application
Requirement
System
Architecture
Hardware
Installation
Physical
Database
Components
for Testing
Capacity
Planning
Enterprise
Assessment
Data
Warehouse
Maturity
Logical
Model
Package
Adaptation
Software
Installation
ECTL
Application
System Test
System
Performance
Enterprise
Information
Governance
Information
Sourcing
Data
Mapping
Custom
Component
Support
Management
Information
Exploitation
Production
Install
Business
Continuity
Infrastructure
& Education
Test Plan
Operational
Mentoring
Operational
Applications
Initial
Data
Data
Migration
Education
Plan
Technical
Education
Backup &
Recovery
Acceptance
Testing
System
Relocation
User
Training
Hardware/
Software
Upgrade
Value
Assessment
Availability
SLA
DBMS Neutral
Services
User
Curriculum
System
DBA
Analytical
Models
Teradata Database
Security Features
Usage Controls
Description
Password
Expiration
Password Reuse
Maximum Logon
Attempts
Password Lockout
Time
Format Controls
Description
Password Length
Password
Construction
Domain 2
MS Active
Directory Server
Logon to
Domain 1
Trust Relationship
Logon to
Database
Logon to Database
LDAP Authentication
For enterprises where users may have
Security Roles
Users
Roles
Views
Base Tables
Clinician
Clinician
Clinician
Clinician
Researcher
Researcher
and assigned to the directory user. External roles assigned to a directory user can
Lab Analyst
Lab Analyst
Lab Analyst
Lab Analyst
definition.
feature, individual rights must be converted into role rights. This requires
creating the required roles and granting
appropriate rights to each role. Roles
can then be granted to users and users
assigned their default roles. Finally, all
individual access rights that have been
replaced by role rights should be revoked
from the users to ensure that all access
Directory Integration
on the network.
Data Security
Views
Researcher
Business
Analyst
Base Tables
Lab
Analyst
effectively audited.
Assurance
property:
Common Criteria
independently
the International
Standard ISO/IEC
15408:1999, which is
meant to be used as a
basis for evaluating
security properties of Information Technology
(IT) products and systems. The Common
Teradata Database
Security Advantage
audit reporting.
Endnotes
1
Conclusion
niap.nist.gov/cc-scheme/st/
new challenges.
ST_VID7001.html
This document, which includes the information contained herein, is the exclusive property of Teradata Corporation. Any person is hereby authorized to view, copy,
print, and distribute this document subject to the following conditions. This document may be used for non-commercial, informational purposes only and is
provided on an AS-IS basis. Any copy of this document or portion thereof must include this copyright notice and all other restrictive legends appearing in this
document. Note that any product, process or technology described in the document may be the subject of other intellectual property rights reserved by Teradata
and are not licensed hereunder. No license rights will be implied. Use, duplication, or disclosure by the United States government is subject to the restrictions set
forth in DFARS 252.227-7013 (c) (1) (ii) and FAR 52.227-19.
Microsoft and Windows are registered trademarks of Microsoft Corporation. Teradata continually enhances products as new technologies and components become
available. Teradata continually improves products as new technologies and components become available. Teradata, therefore, reserves the right to change
specifications without prior notice. All features, functions, and operations described herein may not be marketed in all parts of the world. Consult your Teradata
representative or Teradata.com for more information.
Copyright 2005-2007 by Teradata Corporation
Produced in U.S.A.