The Security Audit And Control Of Databases

Author : Rodney Clark,Simon Holloway,William List
Publisher : Unknown
Page : 152 pages
File Size : 42,6 Mb
Release : 1991
Category : Computers
ISBN : UOM:39015019864589

Get Book

The Security, Audit, and Control of Databases by Rodney Clark,Simon Holloway,William List Pdf

Any organization, whether commercial, governmental or academic, which uses databases in material areas of its activities is vulnerable to their defective operation. Databases are required to be secure, well controlled and auditable in order to meet the business objectives of the application systems which use them as the data storage medium. This publication from the three BCS Specialist Groups for audit, security and database design was written to assist all individuals involved in achieving the above requirements. It treats all these three aspects from the viewpoint of practical experience, right from the initial choice of software. This continues through integration with other software, to control measures and audit procedures. The book also covers types of and integrity of databases, data dictionaries, and CASE tools. The volume provides a structured understanding of a complex topic; a reference manual to those designing applications using databases; and a guide to audit needs in a database envrironment. The readership includes database designers, security staff, auditors (internal and external), consultants and applications designers.

Author : ISACA
Publisher : ISACA
Page : 43 pages
File Size : 43,7 Mb
Release : 2009
Category : Computers
ISBN : 9781604201185

Get Book

Security, Audit and Control Features by ISACA Pdf

Author : Ron Ben Natan
Publisher : Elsevier
Page : 432 pages
File Size : 49,5 Mb
Release : 2005-05-20
Category : Computers
ISBN : 0080470645

Get Book

Implementing Database Security and Auditing by Ron Ben Natan Pdf

This book is about database security and auditing. You will learn many methods and techniques that will be helpful in securing, monitoring and auditing database environments. It covers diverse topics that include all aspects of database security and auditing - including network security for databases, authentication and authorization issues, links and replication, database Trojans, etc. You will also learn of vulnerabilities and attacks that exist within various database environments or that have been used to attack databases (and that have since been fixed). These will often be explained to an “internals level. There are many sections which outline the “anatomy of an attack – before delving into the details of how to combat such an attack. Equally important, you will learn about the database auditing landscape – both from a business and regulatory requirements perspective as well as from a technical implementation perspective. * Useful to the database administrator and/or security administrator - regardless of the precise database vendor (or vendors) that you are using within your organization. * Has a large number of examples - examples that pertain to Oracle, SQL Server, DB2, Sybase and even MySQL.. * Many of the techniques you will see in this book will never be described in a manual or a book that is devoted to a certain database product. * Addressing complex issues must take into account more than just the database and focusing on capabilities that are provided only by the database vendor is not always enough. This book offers a broader view of the database environment - which is not dependent on the database platform - a view that is important to ensure good database security.

Author : Anonim
Publisher : It Governance Institute
Page : 158 pages
File Size : 52,6 Mb
Release : 2004-01-01
Category : Database security
ISBN : 189320958X

Get Book

Oracle Database Security, Audit and Control Features by Anonim Pdf

As systems have migrated from mainframe to client-server and multi-tiered web application environments, the criticality of protecting the database has grown at a tremendous rate. The confidentiality, integrity and availability requirements of the database tier are at an all time high because employees, customers and business partners demand access to data in an immediate and consistent manner. Further, the reality and awareness of security risks are growing, resulting in higher security expectations. As a result, more focus is directed toward auditing databases to ensure that there are appropriate safeguards in place to protect against reasonably foreseeable threats. This book provides guidance on Oracle Database including: * Understanding the IT environment, and developing a strategy to properly plan the Oracle audit * Security and access control related to the Oracle environment * A suggested security and control framework * A detailed general controls approach, along with specifics on application level security * An internal control questionnaire and audit program linked to COBIT * A list of frequently asked questions/answers, and recommendations for the professional * A list of automated assessment tools available. Call +1.847.253.1545 ext. 401, visit www.isaca.org/bookstore or e-mail [email protected] for more information.

Author : Frederick Gallegos,A. Faye Borthick
Publisher : Thomson South-Western
Page : 744 pages
File Size : 51,5 Mb
Release : 1987
Category : Auditing
ISBN : UCAL:B4396094

Get Book

Audit and Control of Information Systems by Frederick Gallegos,A. Faye Borthick Pdf

Author : Michael Gertz,Sushil Jajodia
Publisher : Springer Science & Business Media
Page : 577 pages
File Size : 54,7 Mb
Release : 2007-12-03
Category : Computers
ISBN : 9780387485331

Get Book

Handbook of Database Security by Michael Gertz,Sushil Jajodia Pdf

Handbook of Database Security: Applications and Trends provides an up-to-date overview of data security models, techniques, and architectures in a variety of data management applications and settings. In addition to providing an overview of data security in different application settings, this book includes an outline for future research directions within the field. The book is designed for industry practitioners and researchers, and is also suitable for advanced-level students in computer science.

Author : Elisa Bertino
Publisher : Morgan & Claypool Publishers
Page : 93 pages
File Size : 40,6 Mb
Release : 2012-06-01
Category : Computers
ISBN : 9781608457694

Get Book

Data Protection from Insider Threats by Elisa Bertino Pdf

As data represent a key asset for today's organizations, the problem of how to protect this data from theft and misuse is at the forefront of these organizations' minds. Even though today several data security techniques are available to protect data and computing infrastructures, many such techniques -- such as firewalls and network security tools -- are unable to protect data from attacks posed by those working on an organization's "inside." These "insiders" usually have authorized access to relevant information systems, making it extremely challenging to block the misuse of information while still allowing them to do their jobs. This book discusses several techniques that can provide effective protection against attacks posed by people working on the inside of an organization. Chapter One introduces the notion of insider threat and reports some data about data breaches due to insider threats. Chapter Two covers authentication and access control techniques, and Chapter Three shows how these general security techniques can be extended and used in the context of protection from insider threats. Chapter Four addresses anomaly detection techniques that are used to determine anomalies in data accesses by insiders. These anomalies are often indicative of potential insider data attacks and therefore play an important role in protection from these attacks. Security information and event management (SIEM) tools and fine-grained auditing are discussed in Chapter Five. These tools aim at collecting, analyzing, and correlating -- in real-time -- any information and event that may be relevant for the security of an organization. As such, they can be a key element in finding a solution to such undesirable insider threats. Chapter Six goes on to provide a survey of techniques for separation-of-duty (SoD). SoD is an important principle that, when implemented in systems and tools, can strengthen data protection from malicious insiders. However, to date, very few approaches have been proposed for implementing SoD in systems. In Chapter Seven, a short survey of a commercial product is presented, which provides different techniques for protection from malicious users with system privileges -- such as a DBA in database management systems. Finally, in Chapter Eight, the book concludes with a few remarks and additional research directions. Table of Contents: Introduction / Authentication / Access Control / Anomaly Detection / Security Information and Event Management and Auditing / Separation of Duty / Case Study: Oracle Database Vault / Conclusion

Author : Anonim
Publisher : Isaca
Page : 0 pages
File Size : 51,7 Mb
Release : 2010
Category : Database security
ISBN : 1604201061

Get Book

Security, Audit and Control Features Oracle E-Business Suite, 3rd Edition by Anonim Pdf

Author : Eduardo B. Fernandez,Rita C. Summers,Christopher Wood
Publisher : Addison Wesley Publishing Company
Page : 344 pages
File Size : 55,9 Mb
Release : 1981
Category : Computers
ISBN : UOM:39015002074063

Get Book

Database Security and Integrity by Eduardo B. Fernandez,Rita C. Summers,Christopher Wood Pdf

Author : Bhavani Thuraisingham
Publisher : CRC Press
Page : 657 pages
File Size : 49,9 Mb
Release : 2005-05-26
Category : Computers
ISBN : 9780203486061

Get Book

Database and Applications Security by Bhavani Thuraisingham Pdf

This is the first book to provide an in-depth coverage of all the developments, issues and challenges in secure databases and applications. It provides directions for data and application security, including securing emerging applications such as bioinformatics, stream information processing and peer-to-peer computing. Divided into eight sections,

Author : Anonim
Publisher : Unknown
Page : 52 pages
File Size : 49,9 Mb
Release : 2012
Category : Computers
ISBN : 9781604201970

Get Book

Security, Audit and Control Features by Anonim Pdf

Author : Teresa F. Lunt
Publisher : Springer Science & Business Media
Page : 266 pages
File Size : 51,6 Mb
Release : 2012-12-06
Category : Computers
ISBN : 9781461228707

Get Book

Research Directions in Database Security by Teresa F. Lunt Pdf

Many commercial and defense applications require a database system that protects data of different sensitivities while still allowing users of different clearances to access the system. This book is a collection of papers covering aspects of the emerging security technology for multilevel database systems. It contains reports on such landmark systems as SeaView, LDV, ASD, Secure Sybase, the UNISYS secure distributed system, and the secure entity-relationship system GTERM. Much of the research is concerned with the relational model, although security for the entity-relationship and object-oriented models of data are also discussed. Because the field is so new, it has been extremely difficult to learn about the research going on in this area, until now. This book will be invaluable to researchers and system designers in database systems and computer security. It will also be of interest to data users and custodians who are concerned with the security of their information. This book can also be used as a text for an advanced topics course on computer security in a computer science curriculum.

Author : Hassan A. Afyouni
Publisher : Course Technology
Page : 452 pages
File Size : 48,7 Mb
Release : 2006
Category : Computers
ISBN : UCSC:32106018559416

Get Book

Database Security and Auditing: Protecting Data Integrity and Accessibility by Hassan A. Afyouni Pdf

Designed for easy learning, this text is broken into three sections: Security, Auditing and Implementation. Students will fully understand how to implement database security on modern business databases using practical scenarios and step-by-step examples throughout the text. Each chapter ends with exercises and a hands-on project to reinforce and showcase the topics learned. The final chapter of the book allows the students to apply their knowledge in a presentation of four real-world cases using security and auditing.

Author : K. K. Mookhey,Nilesh Burghate
Publisher : ISACA
Page : 168 pages
File Size : 48,6 Mb
Release : 2005
Category : Computer security
ISBN : 9781893209787

Get Book

Linux by K. K. Mookhey,Nilesh Burghate Pdf

This document, which focuses on the Linux security issues for one of the more popular versions of Linux, Red Hat version 9/Fedora, provides a standard reference for Linux security controls and their audit for security administrators, security professionals and information systems auditors. It provides the following guidance to IT management: * The business and technology drivers for Linux * The vulnerabilities of the Linux operating system * Risk management issues with an action-oriented perspective * Linux security software * How to secure Linux installations to fulfill the control objectives of two well-known standards-COBIT and ISO 17799 * Detailed internal control questionnaires. Call +1.847.253.1545 ext. 401, visit www.isaca.org/bookstore or e-mail [email protected] for more information.

Author : B. Thuraisingham,Reind van de Riet,Klaus R. Dittrich,Zahir Tari
Publisher : Springer
Page : 378 pages
File Size : 44,6 Mb
Release : 2006-04-11
Category : Computers
ISBN : 9780306470080

Get Book

Data and Application Security by B. Thuraisingham,Reind van de Riet,Klaus R. Dittrich,Zahir Tari Pdf

New technology is always evolving and companies must have appropriate security for their businesses to be able to keep up to date with the changes. With the rapid growth of the internet and the world wide web, data and applications security will always be a key topic in industry as well as in the public sector, and has implications for the whole of society. Data and Applications Security covers issues related to security and privacy of information in a wide range of applications, including: Electronic Commerce, XML and Web Security; Workflow Security and Role-based Access Control; Distributed Objects and Component Security; Inference Problem, Data Mining and Intrusion Detection; Language and SQL Security; Security Architectures and Frameworks; Federated and Distributed Systems Security; Encryption, Authentication and Security Policies. This book contains papers and panel discussions from the Fourteenth Annual Working Conference on Database Security, which is part of the Database Security: Status and Prospects conference series sponsored by the International Federation for Information Processing (IFIP). The conference was held in Schoorl, The Netherlands in August 2000.