Database Security Plan and Requirements Definition for a University Department
This paper develops a database security plan and its requirements definition. At the outset the plan identifies the major stakeholders at the university and describes their roles in initiating, implementing and maintaining it, and it names the individuals responsible for daily and other periodic tasks. A central consideration is the policy that governs the granting of access: the need-to-know principle, combined with users' roles, provides the guiding rule. Physical security, backing up of data and the periodic exercise of actually restoring from those backups are included. Finally, the plan treats itself as a living document, because the security environment must change continually to keep ahead of attackers and to keep pace with rapidly changing technology.
The Business Environment
We are an entrepreneurial business department in the faculty of engineering of a large accredited university. The entrepreneurial character of the department derives from a newly established Internet-based Master's degree program that we have been granted permission to launch. The staffing for this program consists of four program directors, one assistant director, four full-time professors, one full-time database administrator, one administrative assistant, and one clerical assistant who handles admissions. In addition, part-time instructors, part-time teaching assistants and part-time assistant database administrators are employed on a term-by-term basis as the student load dictates. Students access text and audio course material, prepared by the instructors, over the Internet through the website designed for their courses.
The objectives of this security plan are (1) to conform as far as possible to the recommendations of Marlene Theriault and William Heney (1998) for developing an Oracle database security plan, set out in their Chapter 7, and (2) to provide confidentiality, integrity and availability for the students' data in the database and for the instructors' lecture and examination documents. These three terms are defined as follows (Ferrari, 2010):
Data secrecy, or confidentiality, means preventing improper or unauthorized read operations on the managed data. When the data concern personal information the term privacy is used; note, however, that protecting privacy requires additional countermeasures beyond those that ensure confidentiality. Data integrity means protecting data from unauthorized or improper modification or deletion.
Data availability means preventing, and recovering from, hardware and software failures and malicious actions that could make the data, or some portion of them, unavailable to authorized users. The plan addresses each of these causes.
Network and Systems
The systems in use in the department are as follows:
1. Desktop and laptop computers for all professors and administrative staff.
2. Printers in the individual offices of all staff.
3. A printer-fax combination for general use.
4. A Microsoft Windows server, connected to the workstations by Ethernet.
5. An Oracle 11g Enterprise Edition database.
1. Database security management will be the responsibility of a team led by the database administrator. The other members of the team are the program director, a senior database administrator from the university's Information Systems Department, one instructor, and me as the chief security officer. The team approach to developing a security plan is recommended by Bond, Yeung-Kuen and Wong Chan (2007).
The team will meet weekly to assess current risk levels and to discuss improvements to the plan, and will review the plan formally each quarter, revising it as necessary in the light of new technology and of changes in university or government regulations.
2. When a security breach is discovered, the database administrator will make every attempt to trace its source using the 'Database Auditing and Intrusion Detection System'; this presupposes that auditing of the sensitive tables and of logons was enabled before the incident, since Oracle records nothing retroactively. The breach will be reported to the head of the university's Information Systems Department. If individuals internal to the university caused the breach, the circumstances will be reviewed and disciplinary action taken in proportion to the findings (Bond, Yeung-Kuen and Wong Chan, 2007).
3. The database administrator will be responsible for the daily administration of the security policies, including the granting of access according to the principle of need-to-know (least privilege), complemented by separation of duty, which Haigh (1987, p. 30) states as the requirement that "each set of user be assigned a specific set of responsibilities and only be permitted to execute transactions required to fulfil those responsibilities".
The database administrator will also be responsible for administering the department's web servers and the course website.
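Because item 2 relies on the audit trail to reconstruct a breach, the auditing has to be configured up front. The following is an added Oracle 11g example, not part of the plan or of the cited sources. It uses standard (not fine-grained) auditing written to the database; the schema name REGISTRAR and the table STUDENTS are placeholders, and the two ALTER SYSTEM settings take effect only after the instance is restarted.

```sql
-- Added example: standard auditing for Oracle 11g. REGISTRAR.STUDENTS is a placeholder.

-- 1. Keep the audit trail in the database, with the SQL text of each audited statement
--    (needs a restart to take effect).
ALTER SYSTEM SET audit_trail = 'DB,EXTENDED' SCOPE = SPFILE;
-- 2. Also record what SYS / SYSDBA does; that goes to the OS audit directory, which
--    a database-level DBA account cannot edit from inside the database.
ALTER SYSTEM SET audit_sys_operations = TRUE SCOPE = SPFILE;

-- 3. What to audit: all logons, successful and failed ...
AUDIT SESSION;
-- ... every statement against the sensitive table, one audit row per statement ...
AUDIT SELECT, INSERT, UPDATE, DELETE ON registrar.students BY ACCESS;
-- ... and anything that changes who may do what.
AUDIT GRANT ANY PRIVILEGE, GRANT ANY ROLE, CREATE USER, ALTER USER, DROP USER;
AUDIT GRANT ON registrar.students;          -- object-level grants on the table itself

-- 4. Investigation queries once a breach is suspected.
-- Who touched STUDENTS in the last seven days, from which host, and did it succeed
-- (RETURNCODE 0) or fail?
SELECT timestamp, username, os_username, userhost, action_name, returncode, sql_text
  FROM dba_audit_trail
 WHERE owner = 'REGISTRAR' AND obj_name = 'STUDENTS'
   AND timestamp > SYSDATE - 7
 ORDER BY timestamp;

-- Failed logons, which commonly precede a compromised account (1017 = wrong password).
SELECT timestamp, username, userhost, returncode
  FROM dba_audit_session
 WHERE returncode <> 0
   AND timestamp > SYSDATE - 7
 ORDER BY timestamp;

-- 5. Verify the object audit options are actually in force before relying on them.
SELECT owner, object_name, sel, ins, upd, del
  FROM dba_obj_audit_opts
 WHERE owner = 'REGISTRAR' AND object_name = 'STUDENTS';
```

Two operational points follow from this. First, an audit trail stored in SYS.AUD$ can be truncated by anyone with DBA rights, so the separation of duty in item 3 should give custody of the trail (or a copy of it) to the university's senior database administrator rather than to the departmental DBA whose actions it records. Second, AUD$ grows without bound; in 11g Release 2 the DBMS_AUDIT_MGMT package moves it out of the SYSTEM tablespace and purges it on a schedule, and the retention period chosen there should match how long the team expects to need records for an investigation.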
Part 2 Architecture and Operating System
Clients, web servers and application servers will be used in this operation. Security plug-ins will be installed on the servers: a server-side authentication plug-in and a client-side authentication plug-in. The plug-ins perform authentication on the database server when a user requests a connection to a database; authentication determines whether the supplied ID and password are valid for entry to the database. Plug-ins provide a flexibility and customizability that the operating system's standard facility usually lacks (Bustamante, 2008).
Since data will be transmitted to and from students over the World Wide Web, the confidentiality and integrity of the data in transit will be maintained by encryption through Oracle Web Services Manager (Bustamante, 2008).
The data in this operation are classified into two categories according to sensitivity. The first category, critical data relating to students' personal information, will be stored encrypted. The sensitive data to be encrypted are:
names, credit card numbers, dates of birth, social security numbers, and records of actions taken on personnel.
The second, less critical category covers data such as instructional material; these need not be encrypted and will be protected by access controls alone (Haigh, 1987).
Part 3 User Accounts and Password Administration
The database administrator will be responsible for creating all user accounts, including the accounts on the web servers through which students reach their specific courses. Student access is time-limited and expires at the end of each school term. At the beginning of each term the admissions clerk and the program director review the student list to determine which students are eligible to access the Internet classroom; the resulting list is passed to the database administrator, who creates the accounts.
ID and password structures are standardized. A student ID consists of the student's first-name initial followed by the last name, truncated to a total of eight letters; a number is appended to distinguish two students whose IDs would otherwise be identical. Accounts for instructors and clerical staff are likewise created by the database administrator. Passwords are eight characters long and contain both letters and digits. The database administrator's own account is created by the senior database administrator in the university's Information Systems Department, and its password follows a different format from the one used in our department (Ferrari, 2010).
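The account rules above can be enforced by the database rather than by procedure. The following is an added Oracle 11g example, not part of the plan; the sample roster entry is constructed, the tablespace name USERS and profile name STUDENT_PROF are assumptions, and it expects the shipped password-complexity script $ORACLE_HOME/rdbms/admin/utlpwdmg.sql to have been run (it creates VERIFY_FUNCTION_11G) and RESOURCE_LIMIT set to TRUE so the session limit is enforced. The plan's eight-character password length is treated here as a minimum, which is what the verify function checks.

```sql
-- Added example: student account provisioning for Oracle 11g. Names are placeholders.

-- 1. Password and resource profile for student accounts.
CREATE PROFILE student_prof LIMIT
  PASSWORD_VERIFY_FUNCTION verify_function_11g  -- >= 8 chars, letter + digit, not the username
  PASSWORD_LIFE_TIME       120                   -- days; a backstop if the term-end lock is missed
  PASSWORD_GRACE_TIME      7
  PASSWORD_REUSE_MAX       5
  PASSWORD_REUSE_TIME      365
  FAILED_LOGIN_ATTEMPTS    5
  PASSWORD_LOCK_TIME       1/24                  -- one hour, then the account unlocks itself
  SESSIONS_PER_USER        2;

-- 2. Derive the ID (initial + surname, letters only, at most 8 characters, numeric
--    suffix on collision) and create the account. SET SERVEROUTPUT ON is SQL*Plus.
SET SERVEROUTPUT ON
DECLARE
  v_first VARCHAR2(40) := 'Jane';        -- constructed sample roster entry
  v_last  VARCHAR2(60) := 'Fitzgerald';
  v_base  VARCHAR2(8);
  v_id    VARCHAR2(8);
  v_n     PLS_INTEGER := 0;
  v_cnt   PLS_INTEGER;
  v_pwd   VARCHAR2(30);
BEGIN
  v_base := UPPER(SUBSTR(SUBSTR(v_first, 1, 1) || REGEXP_REPLACE(v_last, '[^A-Za-z]', ''), 1, 8));
  v_id   := v_base;                      -- JFITZGER
  LOOP
    SELECT COUNT(*) INTO v_cnt FROM dba_users WHERE username = v_id;
    EXIT WHEN v_cnt = 0;
    v_n  := v_n + 1;                     -- JFITZGE1, JFITZGE2, ... : still 8 characters
    v_id := SUBSTR(v_base, 1, 8 - LENGTH(TO_CHAR(v_n))) || TO_CHAR(v_n);
  END LOOP;
  -- Temporary password: 8 random letters + 4 digits satisfies the verify function.
  -- DBMS_RANDOM is not a cryptographic generator, which is acceptable only because
  -- PASSWORD EXPIRE forces the student to replace it at first logon.
  v_pwd := DBMS_RANDOM.STRING('a', 8) || TO_CHAR(TRUNC(DBMS_RANDOM.VALUE(1000, 9999)));
  -- DBMS_ASSERT.ENQUOTE_NAME prevents the roster data from injecting extra DDL.
  EXECUTE IMMEDIATE 'CREATE USER ' || DBMS_ASSERT.ENQUOTE_NAME(v_id)
                 || ' IDENTIFIED BY "' || v_pwd || '"'
                 || ' PROFILE student_prof DEFAULT TABLESPACE users QUOTA 0 ON users'
                 || ' PASSWORD EXPIRE';
  EXECUTE IMMEDIATE 'GRANT CREATE SESSION TO ' || DBMS_ASSERT.ENQUOTE_NAME(v_id);
  DBMS_OUTPUT.PUT_LINE('created ' || v_id || ' with temporary password ' || v_pwd);
END;
/

-- 3. End of term: lock rather than drop, so audit records still name a real account.
ALTER USER jfitzger ACCOUNT LOCK;

-- 4. Check: student accounts that are still open after the term has ended.
SELECT username, account_status, created
  FROM dba_users
 WHERE profile = 'STUDENT_PROF' AND account_status = 'OPEN';
```

Oracle has no account expiry date, so the term-end expiry in the plan is implemented as a lock applied to the whole roster at the end of term, with PASSWORD_LIFE_TIME as a backstop; the last query is the check that the lock was actually applied. The PL/SQL block handles one roster entry; in practice it would be wrapped in a cursor over the eligibility list supplied by the admissions clerk.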
A profile is a set of characteristics that define a user, and the user's current job title must form part of it. Those characteristics in turn define the role the user currently plays, and it is the role that ultimately determines whether a user may reach sensitive sections of the database. As Ting (1987, p. 190) explains, "The proposed user-role-based security model is intended to enhance the overall database security. The model assumes that the user identification and authentication have already been appropriately handled." The criterion for assigning a profile to an account is the answer to the question, "Does the person occupying this role at this time need to know the information contained in this file?" (Note that in Oracle the PROFILE object carries only password and resource limits, as in Part 3; the mapping from job title to permissions is expressed through roles, as in Part 4.)
Part 4 Roles and Privileges
The security model will be a role-based one. This model suits the system because of its web-access component. According to Bustamante, "Role-based security is built on the premise that users are authenticated, which is the process of identifying the user. Once identified, the user can be authorized or, assigned roles and permissions" (Bustamante, 2008, p. 21).
Bustamante also notes that this model is well suited to web-based applications. The system under consideration is heavily web-based: instructors post notes on the web, to be accessed by students during a specific term.
Object privileges will be granted by the database administrator in consultation with the data security planning team, and only after due diligence has been exercised. The object privileges are SELECT, INSERT, UPDATE and DELETE, together with the shorthand ALL PRIVILEGES, which grants every object privilege at once and therefore has no place in a need-to-know scheme; grants should also be made without the GRANT OPTION, so that a grantee cannot pass the privilege on.
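The role-based model and the object-privilege rules above translate into a small set of Oracle roles, one per job function, with the privileges attached to the role and the role attached to the account. The following is an added example, not part of the plan or its sources; it assumes the placeholder tables REGISTRAR.STUDENTS and REGISTRAR.COURSE_MATERIAL (STUDENTS holding the sensitive columns named in Part 2) and placeholder accounts JFITZGER, JDOE and ACLERK already exist.

```sql
-- Added example: need-to-know expressed as Oracle roles. All names are placeholders.

CREATE ROLE student_role;
CREATE ROLE instructor_role;
CREATE ROLE admissions_role;

-- Instructors: full DML on course material, and nothing at all on STUDENTS.
GRANT SELECT, INSERT, UPDATE, DELETE ON registrar.course_material TO instructor_role;

-- Students: read-only on course material.
GRANT SELECT ON registrar.course_material TO student_role;

-- Admissions: needs the identity columns but not the payment data. Oracle has no
-- column-level SELECT privilege, so the restriction is a view over the base table.
CREATE OR REPLACE VIEW registrar.students_admissions AS
  SELECT student_id, first_name, last_name, birth_date
    FROM registrar.students;
GRANT SELECT, INSERT, UPDATE ON registrar.students_admissions TO admissions_role;

-- Attach roles to accounts; privileges are never granted to accounts directly.
GRANT student_role     TO jfitzger;
GRANT instructor_role  TO jdoe;
GRANT admissions_role  TO aclerk;

-- Review 1: what each role can actually do. Run before the team signs off a change.
-- GRANTABLE = 'YES' would mean WITH GRANT OPTION was used and should be revoked.
SELECT grantee, owner, table_name, privilege, grantable
  FROM dba_tab_privs
 WHERE grantee IN ('STUDENT_ROLE', 'INSTRUCTOR_ROLE', 'ADMISSIONS_ROLE')
 ORDER BY grantee, table_name, privilege;

-- Review 2: system privileges that bypass object grants entirely. Any non-DBA
-- grantee listed here can read or change STUDENTS regardless of the roles above.
SELECT grantee, privilege, admin_option
  FROM dba_sys_privs
 WHERE privilege IN ('SELECT ANY TABLE', 'INSERT ANY TABLE',
                     'UPDATE ANY TABLE', 'DELETE ANY TABLE')
   AND grantee NOT IN ('SYS', 'SYSTEM', 'DBA');

-- Review 3: privileges granted straight to an account instead of through a role.
SELECT grantee, owner, table_name, privilege
  FROM dba_tab_privs
 WHERE owner = 'REGISTRAR'
   AND grantee IN (SELECT username FROM dba_users);
```

The three review queries are the due-diligence step the plan calls for: the first shows the effective permissions per role, the second catches the ANY system privileges that silently override every object grant, and the third catches direct grants that would survive a role being revoked. Locking an account at the end of term, as in Part 3, automatically suspends every role it holds, which is why role membership rather than direct grants keeps the term-end procedure to a single statement per account.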
Part 5 Data Security Operations
When a failure occurs, it is important that logs are available from which the system can be recovered. Complete logs must be kept by default. There should also be configured…