CHAPTER 1
Studying and examining database security issues and their implementation on systems that use commercial / non-commercial DBMSs
Objectives
• Understand the concepts, principles, and context of database security.
• Be able to carry out requirements analysis and design for database security.
• Be able to apply the resulting database security design to a particular system.
• Know the various database security models on systems that use commercial / non-commercial DBMSs.
Database security goals
• Secrecy/Confidentiality: Information should not be disclosed to unauthorized users. For example, a student should not be allowed to examine other students' grades.
• Integrity: Only authorized users should be allowed to modify data. For example, students may be allowed to see their grades, yet not allowed (obviously) to modify them.
• Availability: Authorized users should not be denied access. For example, an instructor who wishes to change a grade should be allowed to do so.
Topics
• Concepts, principles, and context of database security.
• Database security management:
- Database security requirements analysis
- Database security design
• Database security implementation:
- Database security models
- General database security mechanisms
- Database security statistics
Scope
References
• Raghu Ramakrishnan & Johannes Gehrke, “Database Management Systems”, Chapter 21.
• http://www-1g.cs.luc.edu/~van/cs468/lecture22/index.html
• DBMS Reference Manual:
- MySQL 5.0
- MS-Access 2.0
- Oracle 9i or Oracle 10g
- MS-SQL Server 2000
Situation
• A data processing system that uses a database as its data store.
• The database may be stored centrally or distributed with duplication (replication, fragmentation).
• There are many users who can access the database over a computer network (LAN, intranet, internet).
Security measures
• Measures to protect database resources from unauthorized access, modification, or other forms of intervention.
• A set of tools designed to protect data records and other database resources from unauthorized people.
Security threats to the database
• Interruption: Database resources are damaged or become unusable (threat to availability).
• Interception: An unauthorized user or party accesses database resources (threat to secrecy).
• Modification: An unauthorized user or party not only accesses but also damages computer system resources (threat to integrity).
• Fabrication: An unauthorized user or party inserts fake objects into the system (threat to integrity).
Forms of threat vs CIA
Threat stages and countermeasures
Threat Stage | Countermeasure |
Observation | Prevention |
Intrusion | Detection |
Execution | Eradication, Recovery |
Covering Tracks | System Log |
Database security example
Why is database security so important?
• Databases often store data which is sensitive in nature.
• Incorrect data or loss of data could negatively affect business operations.
• Databases can be used as bases to attack other systems from.
Evolving Database Threat Environment
• A decade ago, databases were:
- Physically secure
- Housed in central data centers – not distributed
- External access mediated through customer service reps, purchasing managers, etc.
- Security issues rarely reported
• Now DBs are increasingly externally accessible:
- Suppliers directly connected
- Customers directly connected
- Customers & partners directly sharing data
• Data is the most valuable resource in the application stack
- Value increases with greater integration & aggregation
- Opportunities for data theft, modification, or destruction
• DB security is a growing problem
Database security strategies
• Principle of least privilege
• Password security
• Firewalling / access control
• Remove / disable unneeded default accounts
• Disable unneeded components
• Running database processes under a dedicated non-privileged account.
Some forms of database security implementation
• Kerberos security (network authentication protocol)
• Port access security
• Virtual private databases
• Role-based security
• Grant-execute security
CHAPTER 2
DATABASE SECURITY MANAGEMENT
• Database Security Management can be defined as a set of activities that covers:
- Database Security Plan
- Database Security Requirements Analysis
- Database Security Design
- Database Security Implementation
- Database Security Audit
Database Security Management vs Database Design
Database Security Plan
• Describes how an organization will address its database security needs.
• Identifying and organizing the database security activities for a computing system.
• The objective of a database security plan is to enable staff to act effectively to prevent and mitigate the effects of database security problems.
• A Database Security Plan must address the six issues below:
- Policy
- Current Security Status
- Recommendation
- Accountability
- Timetable
- Continuing Attention
Database Security Policy
• A database security policy indicates the goals of a database security effort and the willingness to work to achieve them.
• Security policies for database operation:
- System Security Policy
- Data Security Policy
- User Security Policy
- Password Management Policy
- Auditing Policy
- A Security Checklist
• System Security Policy
- Database User Management
- User Authentication
- Operating System Security
• Data Security Policy
Includes the mechanisms that control the access to and use of the database at the object level.
• User Security Policy
- General User Security
- End-User Security
- Administrator Security
- Application Developer Security
- Application Administrator Security
• Password Management Policy
- Account Locking
- Password Aging and Expiration
- Password History
- Password Complexity Verification
• Auditing Policy
- Monitor suspicious database activity
- Gather historical information about particular database activities
• A Security Checklist
Provides guidance on configuring the DBMS in a secure manner for operational database deployments.
Current Security Status
• Describing the status of database security at the time of the plan.
• Status includes:
- A listing of the database resources
- The security threats to the resources
- The controls in place to protect the resources
Database Security Recommendation
• Recommendations and requirements which lead to meeting the database security goals.
- Ownership and Responsibility
- Resources and Their Vulnerabilities
- Threats
- Solutions
- Security Measures
- Guidelines to Personnel
Database Security Accountability
• A plan of accountability so that responsible people can later be judged on the results they have achieved.
• It should describe who is responsible for each database security activity.
Database Security Timetable
• Identifying when different security functions are to be done.
• Also gives milestones by which the progress can be judged.
Database Security Continuing Attention
• Specifying a structure to update the database security plan periodically.
• Periodically the inventory of objects and the list of controls should be updated, and the risk analysis should be reviewed.
• The security plan should set a time for this periodic review.
Database Security Requirements Analysis
• Making a determination of what must be done, when it must be done, what is needed to do it, and who should be doing it.
• Also includes an examination of the physical access points to data.
• Database security requirements analysis steps:
- Identification and evaluation of securable resources (subjects and objects).
- Examination of each of these resources to determine if they need to be secured.
- Risk analysis / risk evaluation.
- Determine how to achieve the desired level of security.
Some examples of threat types
• User / outside party
- Accessing and updating data they are not entitled to.
- Using someone else's access rights
- Viewing and updating data without authorization
• Programmer
- Writing insecure programs
- Creating their own accounts
- Planting viruses or other damaging programs
• Database administrator
- Abusing the authority they hold
Database Security Design
• Identification of the subjects and objects relevant from a security viewpoint.
• Identification of access modes granted to different subjects on different objects; constraints on access.
• Translate the analysis model to a specific DBMS view-based and query-based security technique.
Example result of database security design
Database Security Implementation
• Transform the database security design model to a specific DBMS using its features or SQL statements.
• Issues that database security implementation is usually concerned with, respectively:
- User Authorization
▪ Userid
▪ Password
- Discretionary Security
▪ GRANT statements
▪ REVOKE statements
- Mandatory Security
▪ Security level
- Creating a User
  CREATE USER cs IDENTIFIED BY sohib;
  CREATE USER teller IDENTIFIED BY kobam;
  CREATE USER finance IDENTIFIED BY doku;
- Add Account Locking
  -- Lock the account for 30 days after 4 consecutive failed login attempts
  CREATE PROFILE prof LIMIT FAILED_LOGIN_ATTEMPTS 4 PASSWORD_LOCK_TIME 30;
  ALTER USER cs PROFILE prof;
- Granting Privileges
  GRANT SELECT, INSERT ON tblAccount TO cs;
  GRANT SELECT, UPDATE ON tblAccount TO teller;
  GRANT SELECT, UPDATE, DELETE ON tblAccount TO finance;
- Using Roles
  -- Privileges are granted to the role, and the role is then granted to the user
  CREATE USER manager IDENTIFIED BY boss;
  CREATE ROLE supervisor;
  GRANT SELECT, INSERT, UPDATE, DELETE ON tblAccount TO supervisor;
  GRANT SELECT ON tblCustomer TO supervisor;
  GRANT SELECT, INSERT, UPDATE ON tblTransaction TO supervisor;
  GRANT supervisor TO manager;
• Security level
- All end-users of a database (or an application) should be mapped to a single database user:
  -- USER and GROUP are reserved words in Oracle, so the table is named app_user and the column user_group
  CREATE TABLE app_user (name CHAR(30), userid CHAR(10), password CHAR(10), user_group CHAR(10), sec_level NUMBER(2), email_addr VARCHAR(80));
- The task of authorization in the above cases falls on the application program, with no support from SQL.
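An added example (not code from the original page) of what application-side authorization looks like when every end-user shares one database user: the program authenticates against a table modelled on the user table above and filters rows by sec_level itself. The SQLite in-memory database, the app_user and document tables, the sample rows, and the salted PBKDF2 hash used in place of the plaintext password column are all assumptions made for the illustration.

```python
import hashlib
import hmac
import os
import sqlite3

def hash_password(password, salt):
    # Assumption: salted PBKDF2 replaces the plaintext password column.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def build_db():
    """Constructed sample data: two application users, three classified rows."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE app_user (userid TEXT PRIMARY KEY, salt BLOB,
                               pw_hash BLOB, sec_level INTEGER NOT NULL);
        CREATE TABLE document (id INTEGER PRIMARY KEY, title TEXT,
                               sec_level INTEGER NOT NULL);
    """)
    for userid, password, level in [("cs", "constructed-pw-1", 1),
                                    ("finance", "constructed-pw-2", 3)]:
        salt = os.urandom(16)
        db.execute("INSERT INTO app_user VALUES (?, ?, ?, ?)",
                   (userid, salt, hash_password(password, salt), level))
    db.executemany("INSERT INTO document (title, sec_level) VALUES (?, ?)",
                   [("Branch opening hours", 1), ("Customer balances", 2),
                    ("Audit findings", 3)])
    return db

def authenticate(db, userid, password):
    """Return the user's sec_level, or None if the credentials are wrong."""
    row = db.execute("SELECT salt, pw_hash, sec_level FROM app_user "
                     "WHERE userid = ?", (userid,)).fetchone()
    if row is None:
        return None
    salt, pw_hash, level = row
    ok = hmac.compare_digest(hash_password(password, salt), pw_hash)
    return level if ok else None

def readable_titles(db, userid, password):
    """Application-side check: rows above the caller's level are never returned."""
    level = authenticate(db, userid, password)
    if level is None:
        raise PermissionError("authentication failed")
    rows = db.execute("SELECT title FROM document WHERE sec_level <= ? "
                      "ORDER BY id", (level,))
    return [title for (title,) in rows]

if __name__ == "__main__":
    print(readable_titles(build_db(), "cs", "constructed-pw-1"))
```

Because the DBMS sees only one database user, any query path in the application that skips the sec_level filter returns every row; the check has to sit in a single function that all reads go through.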