Page 113 - DCAP516_COMPUTER_SECURITY
P. 113

Unit 9: Database Security




               From a sensitive source: The source of the data may indicate a need for confidentiality. An  Notes
               example is information from an informer whose identity would be compromised if the
               information were disclosed.
               Declared Sensitive: The database administrator or the owner of the data may have declared
               the data to be sensitive. Examples are classified military data or the name of the anonymous
               donor of a piece of art.
               Part of a sensitive attribute or a sensitive record: In a database, an entire attribute or
               record may be classified as sensitive. Examples are the salary attribute of a personnel
               database or a record describing a secret space mission.

               Sensitive in relation to previously disclosed information: Some data become sensitive in
               the presence of other data. For example, the longitude coordinate of a secret gold mine
               reveals little, but the longitude coordinate in conjunction with the latitude coordinate
               pinpoints the mine.




             Notes  Sensitive data is stored in lots of places like email systems, endpoint devices, and
            file servers, but most organizations store the majority of their confidential information in
            databases. This situation places database security at a premium.
          Unfortunately, database security isn’t easy as it involves multiple processes and security controls
          as well as strong coordination and collaboration between DBAs and the security team. Over the
          past several years, database security has really become equated with one particular technology
          — Database Activity Monitoring (DAM). DAM can be defined as follows:
          ‘Database activity monitoring (DAM) is a database security technology for monitoring and
          analyzing database activity that operates independently of the database management system
          (DBMS) and does not rely on any form of native (DBMS-resident) auditing or native logs such as
          trace or transaction logs. DAM is typically performed continuously and in real-time.’

          Self Assessment


          State whether the following statements are true or false:
          1.   Sensitive data are data that should not be made private.
          2.   With logical integrity of a database, a modification to the value of one field does not affect
               other fields.
          3.   Database Activity Analysis (DAS) is a database security technology for monitoring and
               analyzing database activity that operates independently of the database management
               system (DBMS).
          4.   When software engineers say that software has reliability, they mean that the software
               runs for very long periods of time without failing.
          5.   Some data become sensitive in the presence of other data.

          9.4 Multilevel Security

          Multilevel security or Multiple Levels of Security (abbreviated as MLS) is the application of a
          computer system to process information with different sensitivities (i.e., at different security
          levels), permit simultaneous access by users with different security clearances and needs-to-
          know, and prevent users from obtaining access to information for which they lack authorization.



                                           LOVELY PROFESSIONAL UNIVERSITY                                   107
   108   109   110   111   112   113   114   115   116   117   118