Database Security

Data security is of vital importance to a business function. Database administrator in collaboration with business and security administrator, identify the sensitive and confidential data elements that need to be secure from storage and access point of view. This section will guide the user with the necessary procedure.

Prerequisites

  1. Responsible parties have coordinated with Security information. See Coordination.
  2. The database administrator has the model and identified the fields to be encrypted.
  3. The database administrator has all the enterprise users who will access the data, and their respective roles and responsibilities.

Procedure

  1. Create/Modify a database configuration file. Under the security section, fill in the values provided by your Security Administrator. See the Figure below. Database security configuration

  2. For each field that is marked confidential or sensitive by the Business Owners, perform one of the 2 things.
    1. Mark the field in the configuration file as encrypted. See below.

    2. Use the admin command to create the attribute as an encrypted attribute. Ensure you are logged in as an Administrator or as a user who has the privilege to modify the system catalogue.

    3. Attribute descriptor cannot be dropped from system.
  3. Create Roles and grant privilege to the system catalogue objects in the database. Similar to point 2, Roles can be created either in database configuration file or from admin console.
    1. In the database configuration, add roles as follows

    2. Use the admin command to add roles.

  4. Create Users with specified roles and/or add Roles to an existing user. It is achieved similar to the way roles are added to the system. Skipping the screenshots for the same.
  5. Choose passwords for the user. The password is digested using the PBDKF2 algorithm with SHA1 digest.
  6. Ensure the correct user has the "Read/Update/Delete" permission on the $SYSCATALOG object. This is a system table and provides access to view/delete system objects.
  7. Ensure Operators who perform a backup of the database have Import/Export permissions on all objects.
  8. Ensure Operators who monitor and manage the server instance have "Diagnostic" permission and Operator role permission. This allows operators to perform,
    1. Dump server stack trace
    2. Stop server
    3. Show and kill connections
    4. Get Monitoring Statistics
  9. When the user leaves the organization, follow up by disabling/dropping the user, and backing up the user pertaining data.