
Information System

- Definition: a group of components (data, software, hardware, communication network,
  people (users, BAs, developers, managers) and procedures (business rules & manual
  procedures)) that work together to produce accurate information
- Types:
  o TPS (Transaction Processing System), aka OLTP (online transaction processing system)
  o DSS (Decision Support System): recommendations / answers to non-structured questions
    (risk mgmt., fraud detection, forecasting, case resolution)
  o ES (Expert System): artificial intelligence with domain expertise (knowledge base),
    rules & inferences (simulation, market analysis, statistical trading)
- Architecture
  o Tier: a physical or logical platform
  o Single-tier: physically, client & server are on the same hardware platform; logically,
    client & server coexist as one component (a logical software module, e.g. function,
    process, program)
  o 3-tier: client (UI); network layer (backbone of the app architecture); database (core
    of the app architecture, responds to all requests)
  o Basic common functions: allow developers and administrators to organize, store &
    retrieve data efficiently, manipulate data, enforce data referential integrity and
    consistency; enforce & implement data security policies / procedures at all levels;
    back up & restore
- Information Security
  o Definition: procedures & measures to protect each info sys component (data, software &
    hardware, network, people)
    ▪ Proposed by the National Security Telecommunications and Information Systems
      Security Committee (NSTISSC)
    ▪ C: Confidentiality (different levels of confidentiality to ensure authorized access);
      I: Integrity (accurate, consistent, validated, not tampered with by unauthorized
      parties); A: Availability (available at ALL times to authorized users, not shut down
      by internal / external attacks)
    ▪ Confidentiality: (a) prevention of unauthorized acquisition of / access to secret
      info; (b) safeguarding confidential info and controlling its disclosure by
      classifying info. A violation looks like providing unauthorized access to / viewing
      of sensitive data
    ▪ Integrity: consistent and accurate throughout the system, not tampered with
      intentionally / accidentally.
      • A violation looks like providing application / DB access to an unauthorized user,
        allowing him to modify the data.
      • Corrective measure: auditing to detect violations and requiring authorization to
        override.
      • Data Degradation Types (causes: faulty inputs / lack of normalization & validation)
        o Invalid data: due to wrong entries; app not having DB constraints / a validation
          mechanism
        o Redundant data: lack of data normalization leads to data inconsistency /
          anomalies
        o Inconsistent data: redundant and non-identical data in multiple places due to
          lack of normalization
        o Data anomalies: redundancy due to unnormalized data
        o Read inconsistency: not always reading the last committed value (weak
          implementation of the read-consistency feature)
        o Data nonconcurrency: multiple simultaneous reads are possible but read
          consistency is lost
    ▪ Availability: accessible to authorized individuals; the system decides what one can
      do with the info
      • Causes of unavailability: internal / external attacks; system failure due to lack
        of disaster recovery; stringent & obscure security procedures & policies; faulty
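The invalid, redundant and inconsistent data types listed under Integrity above, shown as an added Python/sqlite3 example (not from the notes): a flat, unconstrained table lets a bad row in and lets one customer's e-mail drift between two copies, while the normalized schema with NOT NULL / CHECK / FOREIGN KEY constraints rejects the bad rows and stores the value once. The table names and sample orders are constructed for the example.

```python
import sqlite3

# Constructed sample orders (not from the notes): one customer appears on two orders, and
# the customer's contact details are copied onto every order row (no normalization).
ORDERS = [(1, "Acme Ltd", "acme@example.com", 5), (2, "Acme Ltd", "acme@example.com", 3)]


def unnormalized_degradation():
    """Flat table, no constraints: returns (distinct e-mails stored for Acme, invalid rows)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders (order_id, customer_name, customer_email, qty)")
    db.executemany("INSERT INTO orders VALUES (?, ?, ?, ?)", ORDERS)
    # Invalid data: nothing stops a negative quantity or a missing customer.
    db.execute("INSERT INTO orders VALUES (3, NULL, NULL, -4)")
    # Redundant data: fixing the e-mail on one order leaves the other order stale,
    # which is the inconsistency / anomaly the notes describe.
    db.execute("UPDATE orders SET customer_email = 'billing@example.com' WHERE order_id = 1")
    emails = {r[0] for r in db.execute(
        "SELECT customer_email FROM orders WHERE customer_name = 'Acme Ltd'")}
    invalid = db.execute(
        "SELECT COUNT(*) FROM orders WHERE qty <= 0 OR customer_name IS NULL").fetchone()[0]
    return len(emails), invalid


def normalized_with_constraints():
    """Customer stored once, orders reference it, and NOT NULL / CHECK / FOREIGN KEY
    constraints reject bad rows: returns (distinct e-mails seen via orders, rejected inserts)."""
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")  # SQLite only enforces FKs when this is set
    db.execute("CREATE TABLE customer (id INTEGER PRIMARY KEY, name TEXT NOT NULL, "
               "email TEXT NOT NULL)")
    db.execute("CREATE TABLE orders (order_id INTEGER PRIMARY KEY, "
               "customer_id INTEGER NOT NULL REFERENCES customer(id), "
               "qty INTEGER NOT NULL CHECK (qty > 0))")
    db.execute("INSERT INTO customer VALUES (1, 'Acme Ltd', 'acme@example.com')")
    db.executemany("INSERT INTO orders VALUES (?, 1, ?)", [(1, 5), (2, 3)])
    rejected = 0
    for stmt in ("INSERT INTO orders VALUES (3, 1, -4)",          # invalid quantity
                 "INSERT INTO orders VALUES (4, 99, 1)",          # no such customer
                 "INSERT INTO customer VALUES (2, NULL, NULL)"):  # missing required data
        try:
            db.execute(stmt)
        except sqlite3.IntegrityError:
            rejected += 1
    # The same correction now happens in exactly one place and every order sees it.
    db.execute("UPDATE customer SET email = 'billing@example.com' WHERE id = 1")
    emails = {r[0] for r in db.execute(
        "SELECT c.email FROM orders o JOIN customer c ON c.id = o.customer_id")}
    return len(emails), rejected
```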

- Information security architecture
  o Components:
    ▪ Policies & procedures (documented to describe how security is carried out)
    ▪ Security personnel & administrators (people to enforce & keep security in order)
    ▪ Detection equipment (devices to authenticate access and detect prohibited equipment)
    ▪ Security programs (protect PCs and servers from malware, viruses)
    ▪ Monitoring equipment (monitors physical properties, people and assets, e.g. a camera)
    ▪ Monitoring applications (utilities & apps to monitor network traffic, internet
      activities, downloads, uploads)
    ▪ Auditing procedures & tools (checks, controls to ensure security measures work)
- Database Security
  o Definition: collection of security policies and procedures, data constraints, security
    methods and security tools combined to implement all necessary measures to secure the
    CIA of every DB environment component
  o Security access point: a place of database vulnerability where security measures must
    be applied, enforced and audited. The goal is to reduce security access points at the
    people, app, network, OS, DBMS, file and data levels in order to reduce security risks.
    The access points below are listed from highest risk (people) to lowest risk (data):
  o People (those granted access to the DB system represent a risk of DB security
    violation)
  o Application (app design & implementation, incl. privileges & permissions; not so loose
    that people can access and violate data, not so strict that people can't perform
    their duties)
  o Network (among the most sensitive; provide network access only to apps, OS and DB)
  o OS (authentication to the system, the data gateway, using credentials; its failure
    causes most security violations)
  o DBMS (logical structure incl. memory, executables, other binaries)
  o Data files (enforce DB security on access to data files through permissions and
    encryption to avoid unauthorized access)
  o Data (data design to enforce integrity, validity and the privileges necessary to
    access data)
  o Gaps: security access points where security is missing, exposing systems to
    vulnerabilities
  o Risk: security gaps that a company INTENTIONALLY leaves open
  o Vulnerabilities: system weaknesses in any component (CIA) that can be exploited and
    become threats; need to be watched
  o Threats: security risks (violation / attack) that have high potential to become a
    system breach due to a security vulnerability
  o Main causes of vulnerabilities, threats and risks, and the main factors to protect:
    people, software and data

- Database Security levels:
  o Database > data files > tables > fields (views)
- Database Security Vulnerabilities
  o Definition: system weakness in any component (CIA) that can be exploited and become a
    threat; needs to be watched
  o Installation & configuration: most apps don't enhance security measures for the
    default setup. E.g. incorrect installation, not changing default passwords,
    permissions, privileges
  o Software: commercial software vulnerabilities in apps, OS, DBMS, other programs. Lack
    of software update patches (system admin not keeping track), buggy software
  o User mistakes: no audit control, untested disaster recovery, no activity monitoring, no
    patch release updates, bad authentication / implementation, susceptibility to scams,
    phishing and social engineering
  o Design and implementation: improper software analysis & design (coding problems &
    deficiencies). Weaknesses in exception handling mechanisms, invalid input data

- Database Threats
  o Escalated from vulnerabilities. Security risks (violation / attack) that have high
    potential to become a system breach due to a security vulnerability
  o Can result in risks that require security measures to prevent breaches / damages
  o People: intentional / accidental damage, violation or destruction of any DB component
    (people, app, network, OS, DBMS, data file, data). E.g. employee, contractor,
    government, hacker
  o Malicious code: intentionally written to damage DB components (boot sector virus, bot,
    rootkit, spam, macro code, back door, (D)DoS); see page 23 for definitions
    ▪ Virus: compromises system state & integrity
    ▪ Boot sector virus: compromises the segment of the hard disk that contains the
      program to boot (start) the PC
    ▪ Worm: code to disrupt the operations of a system
    ▪ Back door: intentional design of software that gives the developer access to the app
      for maintenance or technical problems
    ▪ Trojan horse: malicious code that penetrates a computer system / network by
      pretending to be legit
    ▪ Spoofing code: malicious code that pretends to be legit
    ▪ Denial of Service (DoS) flood: floods a web / network service with requests to
      overload the DNS system & make it deny legit requests. 3 ways: consume resources
      (disk space, bandwidth, buffers, queues); use normal system behavior to deny user
      access; remotely crash a network device to make it inaccessible (deliberate failed PW
    ▪ Smurf: non-OS-specific attack that uses a third-party network segment to amplify the
      effect of the attack. A ping (echo-request packet) is sent to the network's
      broadcast address with the packet's source address faked to be the victim's system.
      Ultimately the flood of ping replies overwhelms / saturates the victim's system:
      denial of service.
      • Countermeasure: configure routers to drop ICMP messages from outside the network
        whose destination is an internal broadcast address (changes to the configuration
        or new modifications of the attack can still pose threats)
    ▪ Rootkits / bots: malicious or LEGIT code that automatically collects info from PC
      systems
    ▪ Bugs: faulty software code due to bad design / logic
    ▪ Email spamming: sent to many recipients without permission
  o Natural disaster
  o Technical disaster: caused by equipment malfunction, resulting in damage to DB
    components. Includes power, media, hardware and network failures
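The Smurf countermeasure described above, as an added Python example that is not from the notes: the border rule drops ICMP that arrives from outside the network addressed to the network's directed-broadcast address, and a second, victim-side check flags a host that receives echo-replies it never asked for. The internal range 192.0.2.0/24, the flow-record layout and all sample records are constructed assumptions.

```python
import ipaddress
from collections import Counter

# Constructed flow records (not from the notes): (src, dst, proto, icmp_type);
# ICMP type 8 = echo-request, 0 = echo-reply. 192.0.2.0/24 is the assumed internal network.
INTERNAL = ipaddress.ip_network("192.0.2.0/24")
FLOWS = [
    ("198.51.100.7", "192.0.2.255", "icmp", 8),   # outside -> our broadcast: amplifier abuse
    ("192.0.2.10", "192.0.2.255", "icmp", 8),     # inside -> broadcast: local, let through
    ("198.51.100.7", "192.0.2.20", "icmp", 8),    # ordinary ping to one host: let through
    ("203.0.113.4", "192.0.2.255", "tcp", None),  # not ICMP: outside this rule's scope
    ("192.0.2.20", "198.51.100.9", "icmp", 8),    # our host pings 198.51.100.9 ...
    ("198.51.100.9", "192.0.2.20", "icmp", 0),    # ... and gets the expected reply
    ("192.0.2.31", "192.0.2.20", "icmp", 0),      # unsolicited replies: 192.0.2.20 is the
    ("192.0.2.32", "192.0.2.20", "icmp", 0),      #   victim of reflected traffic
    ("192.0.2.33", "192.0.2.20", "icmp", 0),
]


def border_should_drop(src, dst, proto, icmp_type, net=INTERNAL):
    """The router rule from the notes: drop ICMP arriving from outside the network that is
    addressed to the network's directed-broadcast address (the amplification step)."""
    if proto != "icmp":
        return False
    return (ipaddress.ip_address(src) not in net
            and ipaddress.ip_address(dst) == net.broadcast_address)


def dropped_at_border(flows, net=INTERNAL):
    """Apply the border rule to a batch of records; returns the records that would be dropped."""
    return [f for f in flows if border_should_drop(*f, net=net)]


def flooded_hosts(flows, threshold=3):
    """Victim-side indicator: echo-replies for which the receiver never sent an echo-request
    to that sender. Returns {host: count} for hosts at or above the threshold."""
    requested = {(src, dst) for src, dst, proto, t in flows if proto == "icmp" and t == 8}
    unsolicited = Counter(dst for src, dst, proto, t in flows
                          if proto == "icmp" and t == 0 and (dst, src) not in requested)
    return {host: n for host, n in unsolicited.items() if n >= threshold}


if __name__ == "__main__":
    print("dropped at border:", dropped_at_border(FLOWS))
    print("hosts receiving unsolicited replies:", flooded_hosts(FLOWS))
```

The border rule is what the notes' router configuration expresses; the reply-count check is the kind of indicator a monitoring application (see the architecture components above) would raise when the filter is bypassed.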

- Database security risks
  o People: loss of man hours or of the employees who maintain DB components
  o Hardware: risks that result in hardware unavailability / inoperability: downtime due
    to hardware failure, malfunction, unreliable equipment
  o Data: loss of data content / integrity (corruption, privacy loss, loss)
  o Confidence: loss of confidence in the data produced by the organization (fraud, loss
    of procedural & policy documents, DB performance degradation, confusion about DB info)

- Asset Types & their Value (4 main types)
  o Security measures are implemented based on the value of the asset. E.g. extra security
    measures on prod data compared with test data
  o Physical (tangible) assets: buildings, cars, hardware, etc.
  o Logical assets: logical aspects of an info sys, e.g. business apps, in-house programs,
    purchased software, OS, database and data
  o Intangible assets: business reputation, quality, public confidence
  o Human assets: skillsets, knowledge, expertise

- Security Methods
  o Security technology that includes a variety of methods protecting the different DBMS
    components (people, app, network, OS, DBMS, data files, data)
  o Should line up with the SDLC (software development life cycle)
  o People: restricted access to hardware & docs using identification & authentication
    (are they who they claim to be?): PW / ID card / eye scan; security training courses;
    establish security policies & procedures
  o Apps: authenticate users; business rules; single sign-on
  o Network: firewalls to block intruders; VPN; authentication
  o Operating System (OS): authentication; intrusion detection; password policy; user
    accounts
  o DBMS: authentication; intrusion detection; PW policies; database resources
  o Data files: file permissions; access monitoring
  o Phases
    ▪ Identification: identify & investigate the resources required and the policies to
      adopt
    ▪ Assessment: analyze vulnerabilities, threats and risks, from the physical (data
      files & data) to the logical (memory & code)
    ▪ Design: blueprint of the adopted security model used to enforce security: how
      security measures are implemented to enforce data integrity & accessibility
    ▪ Implementation: develop code and buy tools to implement the blueprint from design
    ▪ Evaluation: test the system against typical software attacks, hardware failures,
      natural disasters and people errors to determine the system's degree of security
    ▪ Auditing: after the system goes to prod, audit periodically to ensure the system's
      security state