Implementing Database Security and Auditing.
Title:
Implementing Database Security and Auditing.
Author:
Ben Natan, Ron.
ISBN:
9780080470641
Edition:
5th ed.
Physical Description:
1 online resource (433 pages)
Contents:
front cover -- copyright -- Contents -- front matter -- Preface -- body
1. Getting Started -- 1.1 Harden your database environment -- 1.2 Patch your database -- 1.3 Audit the database -- 1.4 Define an access policy as the center of your database security and auditing initiative -- 1.5 Resources and Further Reading -- 1.6 Summary -- 1.A C2 Security and C2 Auditing
2. Database Security within the General Security Landscape and a Defense-in-Depth Strategy -- 2.1 Defense-in-depth -- 2.2 The security software landscape -- 2.3 Perimeter security, firewalls, intrusion detection, and intrusion prevention -- 2.4 Securing the core -- 2.5 Application security -- 2.6 Public key infrastructure (PKI) -- 2.7 Vulnerability management -- 2.8 Patch management -- 2.9 Incident management -- 2.10 Summary
3. The Database as a Networked Server -- 3.1 Leave your database in the core -- 3.2 Understand the network access map for your database environment -- 3.3 Track tools and applications -- 3.4 Remove unnecessary network libraries -- 3.5 Use port scanners--so will the hackers -- 3.6 Secure services from known network attacks -- 3.7 Use firewalls -- 3.8 Summary -- 3.A What is a VPN? -- 3.B Named Pipes and SMB/CIFS
4. Authentication and Password Security -- 4.1 Choose an appropriate authentication option -- 4.2 Understand who gets system administration privileges -- 4.3 Choose strong passwords -- 4.4 Implement account lockout after failed login attempts -- 4.5 Create and enforce password profiles -- 4.6 Use passwords for all database components -- 4.7 Understand and secure authentication back doors -- 4.8 Summary -- 4.A A brief account of Kerberos
5. Application Security -- 5.1 Reviewing where and how database users and passwords are maintained -- 5.2 Obfuscate application code -- 5.3 Secure the database from SQL injection attacks -- 5.4 Beware of double whammies: Combination of SQL injection and buffer overflow vulnerability -- 5.5 Don't consider eliminating the application server layer -- 5.6 Address packaged application suites -- 5.7 Work toward alignment between the application user model and the database user model -- 5.8 Summary
6. Using Granular Access Control -- 6.1 Align user models by communicating application user information -- 6.2 Use row-level security (fine-grained privileges/access control) -- 6.3 Use label security -- 6.4 Integrate with enterprise user repositories for multitiered authentication -- 6.5 Integrate with existing identity management and provisioning solutions -- 6.6 Summary
7. Using the Database To Do Too Much -- 7.1 Don't use external procedures -- 7.2 Don't make the database a Web server and don't promote stored procedure gateways -- 7.3 Don't generate HTML from within your stored procedures -- 7.4 Understand Web services security before exposing Web services endpoints -- 7.5 Summary -- 7.A Cross-site scripting and cookie poisoning -- 7.B Web services
8. Securing database-to-database communications -- 8.1 Monitor and limit outbound communications -- 8.2 Secure database links and watch for link-based elevated privileges -- 8.3 Protect link usernames and passwords -- 8.4 Monitor usage of database links -- 8.5 Secure replication mechanisms -- 8.6 Map and secure all data sources and sinks -- 8.7 Summary
9. Trojans -- 9.1 The four types of database Trojans -- 9.2 Baseline calls to stored procedures and take action on divergence -- 9.3 Control creation of and changes to procedures and triggers -- 9.4 Watch for changes to run-as privileges -- 9.5 Closely monitor developer activity on production environments -- 9.6 Monitor creation of traces and event monitors -- 9.7 Monitor and audit job creation and scheduling -- 9.8 Be wary of SQL attachments in e-mails -- 9.9 Summary -- 9.A Windows Trojans
10. Encryption -- 10.1 Encrypting data-in-transit -- 10.2 Encrypt data-at-rest -- 10.3 Summary -- 10.A Tapping into a TCP/IP session
11. Regulations and Compliance -- 11.1 The alphabet soup of regulations: What does each one mean to you? -- 11.2 Understand business needs and map to technical requirements -- 11.3 The role of auditing -- 11.4 The importance of segregation of duties -- 11.5 Implement a sustainable solution -- 11.6 Summary
12. Auditing Categories -- 12.1 Audit logon/logoff into the database -- 12.2 Audit sources of database usage -- 12.3 Audit database usage outside normal operating hours -- 12.4 Audit DDL activity -- 12.5 Audit database errors -- 12.6 Audit changes to sources of stored procedures and triggers -- 12.7 Audit changes to privileges, user/login definitions, and other security attributes -- 12.8 Audit creations, changes, and usage of database links and of replication -- 12.9 Audit changes to sensitive data -- 12.10 Audit SELECT statements for privacy sets -- 12.11 Audit any changes made to the definition of what to audit -- 12.12 Summary
13. Auditing Architectures -- 13.1 Don't create a false sense of security -- 13.2 Opt for an independent/backup audit trail -- 13.3 Architectures for external audit systems -- 13.4 Archive auditing information -- 13.5 Secure auditing information -- 13.6 Audit the audit system -- 13.7 Sustainable automation and oversight for audit activities -- 13.8 Think in terms of a data warehouse -- 13.9 Implement good mining tools and security applications -- 13.10 Support changing audit requirements -- 13.11 Prefer an auditing architecture that is also able to support remediation -- 13.12 Summary -- 13.A PGP and GPG
Index.
Abstract:
This book is about database security and auditing. You will learn many methods and techniques that will be helpful in securing, monitoring and auditing database environments. It covers diverse topics that include all aspects of database security and auditing, including network security for databases, authentication and authorization issues, links and replication, database Trojans, etc. You will also learn of vulnerabilities and attacks that exist within various database environments or that have been used to attack databases (and that have since been fixed). These will often be explained to an "internals" level. There are many sections which outline the "anatomy of an attack" before delving into the details of how to combat such an attack. Equally important, you will learn about the database auditing landscape, both from a business and regulatory requirements perspective and from a technical implementation perspective.
* Useful to the database administrator and/or security administrator, regardless of the precise database vendor (or vendors) that you are using within your organization.
* Has a large number of examples, pertaining to Oracle, SQL Server, DB2, Sybase and even MySQL.
* Many of the techniques you will see in this book will never be described in a manual or a book that is devoted to a certain database product.
* Addressing complex issues must take into account more than just the database, and focusing on capabilities that are provided only by the database vendor is not always enough. This book offers a broader view of the database environment, one that is not dependent on the database platform and that is important to ensure good database security.
Local Note:
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2017. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.