COMPUTER NETWORK SECURITY
|
|
- Eleanore Patterson
- 6 years ago
- Views:
Transcription
1 COMPUTER NETWORK SECURITY Prof. Dr. Hasan Hüseyin BALIK (5 th Week)
2 5. Database and Cloud Security
3 5.Outline The Need for Database Security Database Management Systems Relational Databases SQL Injection Attacks Database Access Control Inference threat Database Encryption Cloud Computing Cloud Security Risks and Countermeasures Data Protection in the Cloud Cloud Security as a Service
4 Structured collection of data stored for use by one or more applications Contains the relationships between data items and groups of data items Can sometimes contain sensitive data that needs to be secured Database management system (DBMS) Suite of programs for constructing and maintaining the database Offers ad hoc query facilities to multiple users and applications Query language Provides a uniform interface to the database
5 Database utilities User applications User queries DDL processor DML and query language processor Database description tables Authorization tables Transaction manager DBMS File manager Concurrent access tables DDL = data definition language DML = data manipulation language Physical database Figure 5.1 DBMS Architecture
6 Table of data consisting of rows and columns Each column holds a particular type of data Each row contains a specific value for each column Ideally has one column where all values are unique, forming an identifier/key for that row Enables the creation of multiple tables linked together by a unique identifier that is present in all tables Use a relational query language to access the database Allows the user to request data that fit a given set of criteria
7
8 Primary key Uniquely identifies a row Consists of one or more column names Foreign key Relation/table/file Tuple/row/record Attribute/column/field Links one table to attributes in another View/virtual table Result of a query that returns selected rows and columns from one or more tables
9 Basic Terminology for Relational Databases
10 Attributes A 1 A j A M 1 x 11 x 1j x 1M Records i x i1 x ij x im N x N1 x Nj x NM Figure 5.3 Abstract Model of a Relational Database
11 Did Dname Dacctno Ename Did Salarycode Eid 4 human resources Robin education 9 accounts public relations primary key services Department Table Neil Jasmine Cody Holly Robin Smith Employee Table Ephone foreign key primary key (a) Two tables in a relational database Dname Ename Eid Ephone human resources Jasmine education Holly education Robin accounts Smith public relations Neil services Robin services Cody (b) A view derived from the database Figure 5.4 Relational Database Example
12 Standardized language to define schema, manipulate, and query data in a relational database Several similar versions of ANSI/ISO standard All follow the same basic syntax and semantics SQL statements can be used to: Create tables Insert and delete data in tables Create views Retrieve data with query statements
13 SQL Injection Attacks (SQLi) One of the most prevalent and dangerous networkbased security threats Designed to exploit the nature of Web application pages Sends malicious SQL commands to the database server Most common attack goal is bulk extraction of data Depending on the environment SQL injection can also be exploited to: o o o Modify or delete data Execute arbitrary operating system commands Launch denial-of-service (DoS) attacks
14 Switch Internet Router Firewall Wireless access point Web servers Legend:. Data exchanged between hacker and servers Two-way traffic between hacker and Web server Credit card data is retrieved from database Database servers Database Web application server Figure 5.5 Typical SQL I njection Attack
15 Injection Technique The SQLi attack typically works by prematurely terminating a text string and appending a new command Because the inserted command may have additional strings appended to it before it is executed the attacker terminates the injected string with a comment mark - - Subsequent text is ignored at execution time
16 User input Attackers inject SQL commands by providing suitable crafted user input Server variables Attackers can forge the values that are placed in HTTP and network headers and exploit this vulnerability by placing data directly into the headers Second-order injection A malicious user could rely on data already present in the system or database to trigger an SQL injection attack, so when the attack occurs, the input that modifies the query to cause an attack does not come from the user, but from within the system itself Cookies An attacker could alter cookies such that when the application server builds an SQL query based on the cookie s content, the structure and function of the query is modified Physical user input Applying user input that constructs an attack outside the realm of web requests
17 Uses the same communication channel for injecting SQL code and retrieving results The retrieved data are presented directly in application Web page Include: Tautology End-of-line comment Piggybacked queries This form of attack injects code in one or more conditional statements so that they always evaluate to true After injecting code into a particular field, legitimate code that follows are nullified through usage of end of line comments The attacker adds additional queries beyond the intended query, piggybacking the attack on top of a legitimate request
18 There is no actual transfer of data, but the attacker is able to reconstruct the information by sending particular requests and observing the resulting behavior of the Website/database server Include: o Illegal/logically incorrect queries This attack lets an attacker gather important information about the type and structure of the backend database of a Web application The attack is considered a preliminary, information-gathering step for other attacks o Blind SQL injection Allows attackers to infer the data present in a database system even when the system is sufficiently secure to not display any erroneous information back to the attacker
19 Data are retrieved using a different channel This can be used when there are limitations on information retrieval, but outbound connectivity from the database server is lax
20 SQLi Countermeasures Three types: Manual defensive coding practices Parameterized query insertion SQL DOM: Defensive coding Detection Signature based Anomaly based Code analysis Check queries at runtime to see if they conform to a model of expected queries Run-time prevention
21 Database access control system determines: Can support a range of administrative policies If the user has access to the entire database or just portions of it Centralized administration Small number of privileged users may grant and revoke access rights What access rights the user has (create, insert, delete, update, read, write) Ownership-based administration The creator of a table may grant and revoke access rights to the table Decentralized administration The owner of the table may grant and revoke authorization rights to other users, allowing them to grant and revoke access rights to the table
22 Two commands for managing access rights: Grant o Used to grant one or more access rights or can be used to assign a user to a role Revoke o Revokes the access rights Typical access rights are: Select Insert Update Delete References
23 Role-based access control eases administrative burden and improves security A database RBAC needs to provide the following capabilities: Create and delete roles Define permissions for a role Assign and cancel assignment of users to roles Categories of database users: Application owner End user Administrator An end user who owns database objects as part of an application An end user who operates on database objects via a particular application but does not own any of the database objects User who has administrative responsibility for part or all of the database
24 Fixed Roles in Microsoft SQL Server Role sysadmin serveradmin setupadmin securityadmin processadmin dbcreator diskadmin bulkadmin db_owner db_accessadmin db_datareader db_datawriter db_ddladmin db_securityadmin db_backupoperator db_denydatareader db_denydatawriter Permissions Fixed Server Roles Can perform any activity in SQL Server and have complete control over all database functions Can set server-wide configuration options, shut down the server Can manage linked servers and startup procedures Can manage logins and CREATE DATABASE permissions, also read error logs and change passwords Can manage processes running in SQL Server Can create, alter, and drop databases Can manage disk files Can execute BULK INSERT statements Fixed Database Roles Has all permissions in the database Can add or remove user IDs Can select all data from any user table in the database Can modify any data in any user table in the database Can issue all Data Definition Language (DDL) statements Can manage all permissions, object ownerships, roles and role memberships Can issue DBCC, CHECKPOINT, and BACKUP statements Can deny permission to select data in the database Can deny permission to change data in the database
25 Nonsensitive data Inference Sensitive data Access Control Authorized access Unauthorized access Metadata Figure 5.7 Indirect Information Access Via Inference Channel
26 Name Position Salary ($) Department Dept. Manager Andy senior 43,000 strip Cathy Calvin junior 35,000 strip Cathy Cathy senior 48,000 strip Cathy Dennis junior 38,000 panel Herman Herman senior 55,000 panel Herman Ziggy senior 67,000 panel Herman (a) Employee table Position Salary ($) Name Department senior 43, 000 Andy strip junior 35,000 Calvin strip senior 48,000 Cathy strip (b) Two views Name Position Salary ($) Department Andy senior 43,000 strip Calvin junior 35,000 strip Cathy senior 48,000 strip (c) Table derived from combining query answers Figure 5.8 Inference Example
27 Inference Detection Inference detection during database design Approach removes an inference channel by altering the database structure or by changing the access control regime to prevent inference Techniques in this category often result in unnecessarily stricter access controls that reduce availability Two approaches Approach seeks to eliminate an inference channel violation during a query or series of queries Inference detection at query time If an inference channel is detected, the query is denied or altered Some inference detection algorithm is needed for either of these approaches Progress has been made in devising specific inference detection techniques for multilevel secure databases and statistical databases
28 The database is typically the most valuable information resource for any organization Protected by multiple layers of security Firewalls, authentication, general access control systems, DB access control systems, database encryption Encryption becomes the last line of defense in database security Can be applied to the entire database, at the record level, the attribute level, or level of the individual field Disadvantages to encryption: Key management Authorized users must have access to the decryption key for the data for which they have access Inflexibility When part or all of the database is encrypted it becomes more difficult to perform record searching
29 organization that produces data to be made available for controlled release human entity that presents queries to the system frontend that transforms user queries into queries on the encrypted data stored on the server User Client Meta Data 4. Plaintext result 1. Original query Query Processor Encrypt/ Decrypt metadata 2. Transformed query 3. Encrypted result Data owner Query Executor Server Meta Data Database Encrypted database an organization that receives the encrypted data from a data owner and makes them available for distribution to clients Figure 5.9 A Database Encryption Scheme
30 Cloud Security NIST SP defines cloud computing as: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model promotes availability and is composed of five essential characteristics, three service models, and four deployment models.
31 Essent ial Characteristics Broad Netw ork Access Rapid Elasticit y Resource Po oling Measured Service On- Dem and Self- Service Softw are as a Service ( SaaS) Service Models Plat form as a Service ( PaaS) I nfrastructure as a Service ( I aas) Deploym ent Models Public Private Hybrid Com m unit y Figure Cloud Com puting Elem ents
32 Cloud Application Softwar e (provided by cloud, visible to subscriber) Cloud Platform (visible only to pr ovider) Cloud I nfrastructure (visible only to provider) Cloud Application Softwar e (developed by subscriber) Cloud Platform (visible to subscriber) Cloud I nfrastructure (visible only to provider) (a) SaaS (b) PaaS Cloud Application Softwar e (developed by subscriber) Cloud Platform (visible to subscriber) Cloud I nfrastructure (visible to subscriber) (c) IaaS Figure Cloud Service Models
33 Public cloud The cloud infrastructure is made available to the general public or a large industry group and is owned by an organization selling cloud services The cloud provider is responsible both for the cloud infrastructure and for the control of data and operations within the cloud Community cloud The cloud infrastructure is shared by several organizations and supports a specific community that has shared concerns It may be managed by the organizations or a third party and may exist on premise or off premise Private cloud The cloud infrastructure is operated solely for an organization It may be managed by the organization or a third party and may exist on premise or off premise The cloud provider is responsible only for the infrastructure and not for the control Hybrid cloud The cloud infrastructure is a composition of two or more clouds that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability
34 LAN sw itch Enterprise - Cloud User Rout er Netw ork or I nternet Rout er LAN sw itch Cloud service provider Servers Figure Cloud Com puting Context
35 NIST SP establishes a reference architecture described as follows: The NIST cloud computing reference architecture focuses on the requirements of what cloud services provide, not a how to design solution and implementation. The reference architecture is intended to facilitate the understanding of the operational intricacies in cloud computing. It does not represent the system architecture of a specific cloud computing system; instead it is a tool for describing, discussing, and developing a system-specific architecture using a common framework of reference.
36 NIST developed the reference architecture with the following objectives in mind: o To illustrate and understand the various cloud services in the context of an overall cloud computing conceptual model o To provide a technical reference for consumers to understand, discuss, categorize, and compare cloud services o To facilitate the analysis of candidate standards for security, interoperability, and portability and reference implementations
37 Cloud Provider Cloud Consumer Cloud Auditor Security Audit Privacy Impact Audit Performance Audit Service Orchestration Service Layer PaaS IaaS SaaS Resource Abstraction and Control Layer Physical Resource Layer Hardware Facility Cloud Service Management Business Support Provisioning/ Configuration Portability/ Interoperability Security Privacy Cloud Broker Service Intermediation Service Aggregation Service Arbitrage Cloud Carrier Figure NI ST Cloud Com puting Reference Architecture
38 Cloud Security Risks The Cloud Security Alliance lists the following as the top cloud specific security threats: Abuse and nefarious use of cloud computing Insecure interfaces and APIs Malicious insiders Shared technology issues Data loss or leakage Account or service hijacking Unknown risk profile
39 Data Protection in the Cloud The threat of data compromise increases in the cloud Risks and challenges that are unique to the cloud Architectural or operational characteristics of the cloud environment Multi-instance model Provides a unique DBMS running on a virtual machine instance for each cloud subscriber Gives the subscriber complete control over administrative tasks related to security Multi-tenant model Provides a predefined environment for the cloud subscriber that is shared with other tenants typically through tagging data with a subscriber identifier Gives the appearance of exclusive use of the instance but relies on the cloud provider to establish and maintain a secure database environment
40 SecaaS Is a segment of the SaaS offering of a CP Defined by The Cloud Security Alliance as the provision of security applications and services via the cloud either to cloud-based infrastructure and software or from the cloud to the customers onpremise systems
41 Encryption security Data loss prevention Security assessments Security information and event management Business continuity and disaster recovery Web security Intrusion management Identity and access management Network security Cloud service clients and adversaries Figur e Ele m e nt s of Cloud Se cur it y a s a Se r vice
Chapter 5: Database Security
i Chapter 5: Comp Sci 3600 Outline i 1 2 i 3 4 5 Outline i 1 2 i 3 4 5 What is a i Structured collection of data stored for use by one or more applications Contains the relationships between data items
More informationACS-3921/ Computer Security And Privacy. Chapter 5 Database and Data Centre Security
ACS-3921/4921-001 Computer Security And Privacy Chapter 5 Database and Data Centre Security ACS-3921/4921-001 Slides Used In The Course A note on the use of these slides: These slides has been adopted
More informationCS419 Spring Computer Security. Vinod Ganapathy Lecture 15. Chapter 5: Database security
CS419 Spring 2010 Computer Security Vinod Ganapathy Lecture 15 Chapter 5: Database security Database Security Relational Databases constructed from tables of data each column holds a particular type of
More informationComputer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 5 Database Security First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Database Security 2 Relational Databases constructed
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 12: Database Security Department of Computer Science and Engineering University at Buffalo 1 Review of Access Control Types We previously studied four types
More informationGold. Blog. Prize. Bronze
September 10, 2011 Gold Blog Prize Bronze Working with SQL Server since MSSQL 7. Experience with different industries. No cool letters after my name. ;_; Blog Twitter - @Mike_Fal Primary goal Protecting
More informationMAGIC THipPro - SQL Server Installation - using the example of
MAGIC THipPro - SQL Server Installation - using the example of Express Wolfgang Peters 1 Installation of the SQL Server Configuration of the SQL Server Create SQL User Create empty database Install SQL
More informationActivant Prophet 21 SQL Server Management
SQL Server Administration suite Class 3 of 4 Activant Prophet 21 SQL Server Management This class is designed for Beginner SQL/Prophet 21 Users who are responsible for SQL Administration as it relates
More informationIntroduction To Security and Privacy Einführung in die IT-Sicherheit I
Introduction To Security and Privacy Einführung in die IT-Sicherheit I Prof. Dr. rer. nat. Doğan Kesdoğan Institut für Wirtschaftsinformatik kesdogan@fb5.uni-siegen.de http://www.uni-siegen.de/fb5/itsec/
More informationCOMPUTER NETWORK SECURITY
COMPUTER NETWORK SECURITY Prof. Dr. Hasan Hüseyin BALIK (1 st Week) Outline Course Information and Policies Course Syllabus 1. Overview Course Information Instructor: Prof. Dr. Hasan H. BALIK, balik@yildiz.edu.tr,
More informationCloud Storage Securing CDMI. Eric A. Hibbard, CISSP, CISA, ISSAP, ISSMP, ISSEP, SCSE Hitachi Data Systems
Eric A. Hibbard, CISSP, CISA, ISSAP, ISSMP, ISSEP, SCSE Hitachi Data Systems SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individual members
More informationCOMPUTER NETWORK SECURITY
COMPUTER NETWORK SECURITY Prof. Dr. Hasan Hüseyin BALIK (9 th Week) 9. Firewalls and Intrusion Prevention Systems 9.Outline The Need for Firewalls Firewall Characterictics and Access Policy Type of Firewalls
More informationINFO-H-415 Project Overview- Security Database and SQL Server
INFO-H-415 Project Overview- Security Database and SQL Server Kirubel Yaekob Yasmine Daoud December 2017 1 Introduction A defense-in-depth strategy, with overlapping layers of security, is the best way
More informationChapter 9: Database Security: An Introduction. Nguyen Thi Ai Thao
Chapter 9: Database Security: An Introduction Nguyen Thi Ai Thao thaonguyen@cse.hcmut.edu.vn Spring- 2016 Outline Introduction to Database Security Issues Types of Security Threats to databases Database
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationThe Business of Security in the Cloud
The Business of Security in the Cloud Dr. Pamela Fusco Vice President Industry Solutions Solutionary Inc. CISSP, CISM, CHSIII, IAM, NSA/CSS Adjunct Faculty Promises Promises The promise of cloud computing
More informationCHEM-E Process Automation and Information Systems: Applications
CHEM-E7205 - Process Automation and Information Systems: Applications Cloud computing Jukka Kortela Contents What is Cloud Computing? Overview of Cloud Computing Comparison of Cloud Deployment Models Comparison
More informationIBM Cloud Security for the Cloud. Amr Ismail Security Solutions Sales Leader Middle East & Pakistan
IBM Cloud Security for the Cloud Amr Ismail Security Solutions Sales Leader Middle East & Pakistan Today s Drivers for Cloud Adoption ELASTIC LOWER COST SOLVES SKILLS SHORTAGE RAPID INNOVATION GREATER
More informationCS 356 Operating System Security. Fall 2013
CS 356 Operating System Security Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5 Database
More informationData Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle
Data Security and Privacy : Compliance to Stewardship Jignesh Patel Solution Consultant,Oracle Agenda Connected Government Security Threats and Risks Defense In Depth Approach Summary Connected Government
More informationMastering Transact-SQL An Overview of SQL Server 2000 p. 3 SQL Server's Networked Architecture p. 4 SQL Server's Basic Components p.
Acknowledgments p. xxiii Introduction p. xxv Mastering Transact-SQL An Overview of SQL Server 2000 p. 3 SQL Server's Networked Architecture p. 4 SQL Server's Basic Components p. 8 Transact-SQL p. 9 SQL
More informationAuditing the Cloud. Paul Engle CISA, CIA
Auditing the Cloud Paul Engle CISA, CIA About the Speaker Paul Engle CISA, CIA o Fifteen years performing internal audit, IT internal audit, and consulting projects o Internal audit clients include ADP,
More informationIntroduction to DBMS DATA DISK. File Systems. DBMS Stands for Data Base Management System. Examples of Information Systems which require a Database:
1 Introduction to DBMS DBMS Stands for Data Base Management System It is the collection of interrelated data (Which is called as Database) It contains set of software tools/programs which access the data
More informationn Learn about the Security+ exam n Learn basic terminology and the basic approaches n Implement security configuration parameters on network
Always Remember Chapter #1: Network Device Configuration There is no 100 percent secure system, and there is nothing that is foolproof! 2 Outline Learn about the Security+ exam Learn basic terminology
More informationWhose Cloud Is It Anyway? Exploring Data Security, Ownership and Control
Whose Cloud Is It Anyway? Exploring Data Security, Ownership and Control SESSION ID: CDS-T11 Sheung-Chi NG Senior Security Consulting Manager, APAC SafeNet, Inc. Cloud and Virtualization Are Change the
More informationCloud Computing Concepts, Models, and Terminology
Cloud Computing Concepts, Models, and Terminology Chapter 1 Cloud Computing Advantages and Disadvantages https://www.youtube.com/watch?v=ojdnoyiqeju Topics Cloud Service Models Cloud Delivery Models and
More informationThe Oracle Trust Fabric Securing the Cloud Journey
The Oracle Trust Fabric Securing the Cloud Journey Eric Olden Senior Vice President and General Manager Cloud Security and Identity 05.07.2018 Safe Harbor Statement The following is intended to outline
More informationSQL Security Whitepaper SECURITY AND COMPLIANCE SOLUTIONS FOR PCI DSS PAYMENT CARD INDUSTRY DATA SECURITY STANDARD
SQL Security Whitepaper SECURITY AND COMPLIANCE SOLUTIONS FOR PCI DSS PAYMENT CARD INDUSTRY DATA SECURITY STANDARD The Payment Card Industry Data Security Standard (PCI DSS), currently at version 3.2,
More informationChapter 4. Fundamental Concepts and Models
Chapter 4. Fundamental Concepts and Models 4.1 Roles and Boundaries 4.2 Cloud Characteristics 4.3 Cloud Delivery Models 4.4 Cloud Deployment Models The upcoming sections cover introductory topic areas
More informationExam Name: Administering Microsoft SQL Server 2012 Databases Exam
Vendor: Microsoft Exam Code: 070-462 Exam Name: Administering Microsoft SQL Server 2012 Databases Exam Version: Demo QUESTION 1 You administer a Microsoft SQL Server database. Users report that an application
More informationSoftLayer Security and Compliance:
SoftLayer Security and Compliance: How security and compliance are implemented and managed Introduction Cloud computing generally gets a bad rap when security is discussed. However, most major cloud providers
More informationSolutions Business Manager Web Application Security Assessment
White Paper Solutions Business Manager Solutions Business Manager 11.3.1 Web Application Security Assessment Table of Contents Micro Focus Takes Security Seriously... 1 Solutions Business Manager Security
More informationIT Service Delivery and Support Week Three. IT Auditing and Cyber Security Fall 2016 Instructor: Liang Yao
IT Service Delivery and Support Week Three IT Auditing and Cyber Security Fall 2016 Instructor: Liang Yao 1 Infrastructure Essentials Computer Hardware Operating Systems (OS) & System Software Applications
More informationWhen the Lights go out. Hacking Cisco EnergyWise. Version: 1.0. Date: 7/1/14. Classification: Ayhan Koca, Matthias Luft
When the Lights go out Hacking Cisco EnergyWise Version: 1.0 Date: 7/1/14 Classification: Author(s): Public Ayhan Koca, Matthias Luft TABLE OF CONTENT 1 HANDLING... 5 1.1 DOCUMENT STATUS AND OWNER... 5
More informationSecurity Readiness Assessment
Security Readiness Assessment Jackson Thomas Senior Manager, Sales Consulting Copyright 2015 Oracle and/or its affiliates. All rights reserved. Cloud Era Requires Identity-Centric Security SaaS PaaS IaaS
More informationDreamFactory Security Guide
DreamFactory Security Guide This white paper is designed to provide security information about DreamFactory. The sections below discuss the inherently secure characteristics of the platform and the explicit
More informationThreat Modeling. Bart De Win Secure Application Development Course, Credits to
Threat Modeling Bart De Win bart.dewin@ascure.com Secure Application Development Course, 2009 Credits to Frank Piessens (KUL) for the slides 2 1 Overview Introduction Key Concepts Threats, Vulnerabilities,
More informationApplication Security through a Hacker s Eyes James Walden Northern Kentucky University
Application Security through a Hacker s Eyes James Walden Northern Kentucky University waldenj@nku.edu Why Do Hackers Target Web Apps? Attack Surface A system s attack surface consists of all of the ways
More informationTECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES
TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES Contents Introduction... 3 The Technical and Organizational Data Security Measures... 3 Access Control of Processing Areas (Physical)... 3 Access Control
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationNIST Cloud Computing Security Working Group
NIST Cloud Computing Security Working Group NIST Cloud Computing Security Reference Architecture NIST Enterprise-Wide Data-Centric Computing Environment February, 2013 Dr. Michaela Iorga, NIST, Computer
More informationOffice 365 Buyers Guide: Best Practices for Securing Office 365
Office 365 Buyers Guide: Best Practices for Securing Office 365 Microsoft Office 365 has become the standard productivity platform for the majority of organizations, large and small, around the world.
More informationChapter 9. Firewalls
Chapter 9 Firewalls The Need For Firewalls Internet connectivity is essential Effective means of protecting LANs Inserted between the premises network and the Internet to establish a controlled link however
More informationA (sample) computerized system for publishing the daily currency exchange rates
A (sample) computerized system for publishing the daily currency exchange rates The Treasury Department has constructed a computerized system that publishes the daily exchange rates of the local currency
More informationWhy the cloud matters?
Why the cloud matters? Speed and Business Impact Expertise and Performance Cost Reduction Trend Micro Datacenter & Cloud Security Vision Enable enterprises to use private and public cloud computing with
More informationGlobal Information Assurance Certification Paper
Global Information Assurance Certification Paper Copyright SANS Institute Author Retains Full Rights This paper is taken from the GIAC directory of certified professionals. Reposting is not permited without
More informationUnited States Government Cloud Standards Perspectives
United States Government Cloud Standards Perspectives in the context of the NIST initiative to collaboratively build a USG Cloud Computing Technology Roadmap NIST Mission: To promote U.S. innovation and
More information6 Months Training Module in MS SQL SERVER 2012
6 Months Training Module in MS SQL SERVER 2012 Module 1 Installing and Configuring Windows Server 2012 Installing and Managing Windows Server 2012 Windows Server 2012 Overview Installing Windows Server
More informationCloud Computing Lectures. Cloud Security
Cloud Computing Lectures Cloud Security 1/17/2012 Why security is important for cloud computing? Multi Tenancy, that is same infrastructure, platform, Service is shared among vendors. It is accessed over
More informationCyber Security Audit & Roadmap Business Process and
Cyber Security Audit & Roadmap Business Process and Organizations planning for a security assessment have to juggle many competing priorities. They are struggling to become compliant, and stay compliant,
More informationSpecialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE. s3security.com
Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE s3security.com Security Professional Services S3 offers security services through its Security Professional Services (SPS) group, the security-consulting
More informationNIST Revision 2: Guide to Industrial Control Systems (ICS) Security
NIST 800-82 Revision 2: Guide to Industrial Control Systems (ICS) Security How CyberArk can help meet the unique security requirements of Industrial Control Systems Table of Contents Executive Summary
More informationMULTILEVEL POLICY BASED SECURITY IN DISTRIBUTED DATABASE
MULTILEVEL POLICY BASED SECURITY IN DISTRIBUTED DATABASE CHAPTER 8 Addressing security demands under fixed budgets and deadline constraints are becoming extremely challenging, time consuming and resource
More informationPrivacy hacking & Data Theft
Privacy hacking & Data Theft Cloud Computing risks & the Patricia A RoweSeale CIA, CISA, CISSP, CRISC, CRMA The IIA (Barbados Chapter) Internal Audit Portfolio Director CIBC FirstCaribbean Objectives Cloud
More informationData about data is database Select correct option: True False Partially True None of the Above
Within a table, each primary key value. is a minimal super key is always the first field in each table must be numeric must be unique Foreign Key is A field in a table that matches a key field in another
More informationData Security and Privacy Principles IBM Cloud Services
Data Security and Privacy Principles IBM Cloud Services 2 Data Security and Privacy Principles: IBM Cloud Services Contents 2 Overview 2 Governance 3 Security Policies 3 Access, Intervention, Transfer
More informationDetecting Insider Attacks on Databases using Blockchains
Detecting Insider Attacks on Databases using Blockchains Shubham Sharma, Rahul Gupta, Shubham Sahai Srivastava and Sandeep K. Shukla Department of Computer Science and Engineering Indian Institute of Technology,
More informationCisco Virtualized Multi-Tenant Data Center Cloud Consumer Models
Cisco Virtualized Multi-Tenant Data Center Cloud Consumer Models Last Updated: March 6, 2012 ALL DESIGNS, SPECIFICATIONS, STATEMENTS, INFORMATION, AND RECOMMENDATIONS (COLLEC- TIVELY, "DESIGNS") IN THIS
More informationMulti Packed Security Addressing Challenges in Cloud Computing
Global Journal of Computer Science and Technology Cloud and Distributed Volume 13 Issue 1 Version 1.0 Year 2013 Type: Double Blind Peer Reviewed International Research Journal Publisher: Global Journals
More informationTopics of Discussion
CPET 581 Cloud Computing: Technologies and Enterprise IT Strategies Lecture on NIST Cloud Computing Definition, Standards & Roadmap, Security & Privacy Guidelines Spring 2013 A Specialty Course for Purdue
More informationBuilding a Secure and Compliant Cloud Infrastructure. Ben Goodman Principal Strategist, Identity, Compliance and Security Novell, Inc.
Building a Secure and Compliant Cloud Infrastructure Ben Goodman Principal Strategist, Identity, Compliance and Security Novell, Inc. Why Are We Here? Expanded Enterprise Data access anywhere, anytime
More informationPost-Class Quiz: Access Control Domain
1. In order to perform data classification process, what must be present? A. A data classification policy. B. A data classification standard. C. A data classification procedure. D. All of the above. 2.
More informationACS-3921/ Computer Security And Privacy. Chapter 9 Firewalls and Intrusion Prevention Systems
ACS-3921/4921-001 Computer Security And Privacy Chapter 9 Firewalls and Intrusion Prevention Systems ACS-3921/4921-001 Slides Used In The Course A note on the use of these slides: These slides has been
More informationCIS Controls Measures and Metrics for Version 7
Level One Level Two Level Three Level Four Level Five Level Six 1.1 Utilize an Active Discovery Tool Utilize an active discovery tool to identify devices connected to the organization's network and update
More informationData Security: Public Contracts and the Cloud
Data Security: Public Contracts and the Cloud July 27, 2012 ABA Public Contract Law Section, State and Local Division Ieuan Mahony Holland & Knight ieuan.mahony@hklaw.com Roadmap Why is security a concern?
More informationM2M / IoT Security. Eurotech`s Everyware IoT Security Elements Overview. Robert Andres
M2M / IoT Security Eurotech`s Everyware IoT Security Elements Overview Robert Andres 23. September 2015 The Eurotech IoT Approach : E2E Overview Application Layer Analytics Mining Enterprise Applications
More informationTHE DATA CENTER AS A COMPUTER
THE DATA CENTER AS A COMPUTER Cloud Computing November- 2013 FIB-UPC Master MEI CLOUD COMPUTING It s here to stay CONTENT 1. How do we get here? 2. What is Cloud Computing? 3. Definitons and types 4. Case
More information90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on April 16, 2018 15:41 PM O verview 1 90% Compliance About PCI DSS 2.0 PCI-DSS is a legal obligation mandated not by government
More informationNetwrix Auditor for SQL Server
Netwrix Auditor for SQL Server Quick-Start Guide Version: 9.5 10/25/2017 Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment from
More informationThe Challenge of Cloud Security
The Challenge of Cloud Security Dr. Ray Klump Chair, Mathematics & Computer Science Director, MS in Information Security Lewis University Poll Question #1: What type of cloud service are you
More informationGP Admin Best Practices. Security, Maintenance & and Disaster Recovery
GP Admin Best Practices Security, Maintenance & and Disaster Recovery IIS Security and Best Practices IIS Internet Information Services IIS Security and Best Practices IIS Security and Best Practices Securing
More informationFundamentals of Information Systems Security Lesson 5 Auditing, Testing, and Monitoring
Fundamentals of Information Systems Security Lesson 5 Auditing, Testing, and Monitoring Learning Objective Explain the importance of security audits, testing, and monitoring to effective security policy.
More informationCourse Outline Faculty of Computing and Information Technology
Course Outline Faculty of Computing and Information Technology Title Code Instructor Name Credit Hours Prerequisite Prerequisite Skill/Knowledge/Understanding Category Course Goals Statement of Course
More informationOptimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution
DATASHEET Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution Features & Benefits Best-in-class VPN and vadc solutions A single point of access for all
More informationSQL Server 2005 Technology Primer
20_0672329565_ch15.qxd 9/7/07 8:36 AM Page 537 CHAPTER 15 SQL Server 2005 Technology Primer Microsoft SQL Server 2005 is comprehensive enterprise class data management and business intelligence platform.
More informationOracle Database Vault with Oracle Database 12c ORACLE WHITE PAPER MAY 2015
Oracle Database Vault with Oracle Database 12c ORACLE WHITE PAPER MAY 2015 Table of Contents Introduction 1 Controls for Privileged Accounts 2 Privilege User Access Controls on Application Data with Realms
More informationSurvey of Oracle Database
Survey of Oracle Database About Oracle: Oracle Corporation is the largest software company whose primary business is database products. Oracle database (Oracle DB) is a relational database management system
More information(ADVANCED) DATABASE SYSTEMS (DATABASE MANAGEMENTS) PROF. DR. HASAN HÜSEYİN BALIK (6 TH WEEK)
(ADVANCED) DATABASE SYSTEMS (DATABASE MANAGEMENTS) PROF. DR. HASAN HÜSEYİN BALIK (6 TH WEEK) 4. OUTLINE 4. Implementation 4.1 Introduction to SQL 4.2 Advanced SQL 4.3 Database Application Development 4.4
More informationEpicor ERP System Administration Guide 10.1
Epicor ERP 10.1 Disclaimer This document is for informational purposes only and is subject to change without notice. This document and its contents, including the viewpoints, dates and functional content
More informationDatabase Creation & Setup for SQL Server
Database Creation & Setup for SQL Server INSTALLATION MANUAL D000480 rev 4.0 TRADEMARK NOTICE Bentley and the "B" Bentley logo are registered or non-registered trademarks of Bentley Systems, Inc. or Bentley
More informationSample Question Paper
Sample Question Paper Marks : 70 Time:3 Hour Q.1) Attempt any FIVE of the following. a) List any four applications of DBMS. b) State the four database users. c) Define normalization. Enlist its type. d)
More informationIntegration Service. Admin Console User Guide. On-Premises
Kony Fabric Integration Service Admin Console User Guide On-Premises Release V8 SP1 Document Relevance and Accuracy This document is considered relevant to the Release stated on this title page and the
More informationSecurity context. Technology. Solution highlights
Code42 CrashPlan Security Code42 CrashPlan provides continuous, automatic desktop and laptop backup. Our layered approach to security exceeds industry best practices and fulfills the enterprise need for
More informationemerchant API guide MSSQL quick start guide
C CU us st toomme er r SUu Pp Pp Oo Rr tt www.fasthosts.co.uk emerchant API guide MSSQL quick start guide This guide will help you: Add a MS SQL database to your account. Find your database. Add additional
More informationSouhwan Jung.
Souhwan Jung Outline 2 Paradigm Shift of Computing 3 Mainframe Computing Sharing of Computing resources Distributed Computing Distribution and networking for computing capability Cloud Computing Virtualization
More informationTrusted Computing Group
Trusted Computing Group Backgrounder May 2003 Copyright 2003 Trusted Computing Group (www.trustedcomputinggroup.org.) All Rights Reserved Trusted Computing Group Enabling the Industry to Make Computing
More informationEFFECTIVE INTRUSION DETECTION AND REDUCING SECURITY RISKS IN VIRTUAL NETWORKS (EDSV)
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 3, Issue. 8, August 2014,
More informationCloud-Security: Show-Stopper or Enabling Technology?
Cloud-Security: Show-Stopper or Enabling Technology? Fraunhofer Institute for Secure Information Technology (SIT) Technische Universität München Open Grid Forum, 16.3,. 2010, Munich Overview 1. Cloud Characteristics
More informationEssay Question: Explain 4 different means by which constrains are represented in the Conceptual Data Model (CDM).
Question 1 Essay Question: Explain 4 different means by which constrains are represented in the Conceptual Data Model (CDM). By specifying participation conditions By specifying the degree of relationship
More informationComprehensive Database Security
Comprehensive Database Security Safeguard against internal and external threats In today s enterprises, databases house some of the most highly sensitive, tightly regulated data the very data that is sought
More informationMigrationWiz Security Overview
MigrationWiz Security Overview Table of Contents Introduction... 2 Overview... 2 Shared Security Approach... 2 Customer Best Practices... 2 Application Security... 4 Data Security and Handling... 4 Database
More informationISC2. Exam Questions CISSP. Certified Information Systems Security Professional (CISSP) Version:Demo
ISC2 Exam Questions CISSP Certified Information Systems Security Professional (CISSP) Version:Demo 1. How can a forensic specialist exclude from examination a large percentage of operating system files
More informationTop 10 Database Security Threats and How to Stop Them. Rob Rachwald Director of Security Strategy
Top 10 Database Security Threats and How to Stop Them Rob Rachwald Director of Security Strategy Data Has Value Data Has Value Top 7 Attacks Discussed in Hacker Forums 11% 9% 12% 12% 15% 21% 20% dos/ddos
More informationNetwrix Auditor for Active Directory
Netwrix Auditor for Active Directory Quick-Start Guide Version: 8.0 4/22/2016 Legal Notice The information in this publication is furnished for information use only, and does not constitute a commitment
More informationApplication and Data Security with F5 BIG-IP ASM and Oracle Database Firewall
F5 White Paper Application and Data Security with F5 BIG-IP ASM and Oracle Database Firewall Organizations need an end-to-end web application and database security solution to protect data, customers,
More informationOverview of Information Security
Overview of Information Security Lecture By Dr Richard Boateng, UGBS, Ghana Email: richard@pearlrichards.org Original Slides by Elisa Bertino CERIAS and CS &ECE Departments, Pag. 1 and UGBS Outline Information
More informationCT13 DATABASE MANAGEMENT SYSTEMS DEC 2015
Q.1 a. Explain the role of concurrency control software in DBMS with an example. Answer: Concurrency control software in DBMS ensures that several users trying to update the same data do so in a controlled
More informationSecurity Policies and Procedures Principles and Practices
Security Policies and Procedures Principles and Practices by Sari Stern Greene Chapter 3: Information Security Framework Objectives Plan the protection of the confidentiality, integrity and availability
More informationSolved MCQ on fundamental of DBMS. Set-1
Solved MCQ on fundamental of DBMS Set-1 1) Which of the following is not a characteristic of a relational database model? A. Table B. Tree like structure C. Complex logical relationship D. Records 2) Field
More informationCIS Controls Measures and Metrics for Version 7
Level 1.1 Utilize an Active Discovery Tool 1.2 Use a Passive Asset Discovery Tool 1.3 Use DHCP Logging to Update Asset Inventory 1.4 Maintain Detailed Asset Inventory 1.5 Maintain Asset Inventory Information
More information