Database Security

CHAPTER 1

Study and examine database security issues and their implementation on systems that use commercial / non-commercial DBMSs

Objectives

• Understand the concepts, principles, and context of database security.

• Be able to carry out requirements analysis and design of database security.

• Be able to apply the resulting database security design to a specific system.

• Know the various database security models on systems that use commercial / non-commercial DBMSs.

Goals of Database Security

• Secrecy/Confidentiality: Information should not be disclosed to unauthorized users. For example, a student should not be allowed to examine other students’ grades.

• Integrity: Only authorized users should be allowed to modify data. For example, students may be allowed to see their grades, yet not allowed (obviously) to modify them.

• Availability: Authorized users should not be denied access. For example, an instructor who wishes to change a grade should be allowed to do so.

Topics

• Concepts, principles, and context of database security.

• Database security management:

  • Database security requirements analysis
  • Database security design

• Database security implementation:

  • Database security models
  • General database security mechanisms
  • Database security statistics

Scope

References

• Raghu Ramakrishnan & Johannes Gehrke, “Database Management Systems”, Chapter 21.

• http://www-1g.cs.luc.edu/~van/cs468/lecture22/index.html

• DBMS Reference Manual:

  • MySQL 5.0
  • MS-Access 2.0
  • Oracle 9i or Oracle 10g
  • MS-SQL Server 2000

Situation

• A data processing system that uses a database as its data store.

• The database may be stored centrally or distributed with duplication (replication, fragmentation).

• There are many users who can access the database over a computer network (LAN, intranet, internet).

Security Measures

• Measures to protect database resources from unauthorized access, modification, or other forms of interference.

• A set of tools designed to protect data records and other database resources from unauthorized people.

Security Threats to Databases

• Interruption: Database resources are damaged or become unusable (a threat to availability).

• Interception: An unauthorized user or party accesses database resources (a threat to secrecy).

• Modification: An unauthorized user or party not only accesses but also damages computer system resources (a threat to integrity).

• Fabrication: An unauthorized user or party inserts counterfeit objects into the system (a threat to integrity).

Threat Types vs. CIA

Threat Stages and Countermeasures

| Threat stage | Countermeasure |
| --- | --- |
| Observation | Prevention |
| Intrusion | Detection |
| Execution | Eradication, recovery |
| Covering tracks | System log |

Examples of Database Security

Why Is Database Security So Important?

• Databases often store data which is sensitive in nature.

• Incorrect data or loss of data could negatively affect business operations.

• Databases can be used as bases from which to attack other systems.

Evolving Database Threat Environment

• A decade ago, databases were:

  • Physically secure
  • Housed in central data centers – not distributed
  • External access mediated through customer service reps, purchasing managers, etc.
  • Security issues rarely reported

• Now databases are increasingly externally accessible:

  • Suppliers directly connected
  • Customers directly connected
  • Customers & partners directly sharing data

• Data is the most valuable resource in the application stack

  • Value increases with greater integration & aggregation
  • Opportunities for data theft, modification, or destruction

• Database security is a growing problem

Database Security Strategies

• Principle of least privilege

• Password security

• Firewalling / access control

• Remove / disable unneeded default accounts

• Disable unneeded components

• Run database processes under a dedicated non-privileged account.

Some Forms of Database Security Implementation

• Kerberos security (network authentication protocol)

• Port access security

• Virtual private databases

• Role-based security

• Grant-execute security

CHAPTER 2

DATABASE SECURITY MANAGEMENT

• Database Security Management can be defined as a set of activities that covers:

  • Database Security Plan
  • Database Security Requirements Analysis
  • Database Security Design
  • Database Security Implementation
  • Database Security Audit

Database Security Management vs Database Design

Database Security Plan

• Describes how an organization will address its database security needs.

• Identifies and organizes the database security activities for a computing system.

• The objective of a database security plan is to enable staff to act effectively to prevent and mitigate the effects of database security problems.

• A Database Security Plan must address the six issues below:

  • Policy
  • Current Security Status
  • Recommendation
  • Accountability
  • Timetable
  • Continuing Attention

Database Security Policy

• A database security policy indicates the goals of a database security effort and the willingness to work to achieve them.

• Security policies for database operation:

  • System Security Policy
  • Data Security Policy
  • User Security Policy
  • Password Management Policy
  • Auditing Policy
  • A Security Checklist

• System Security Policy

  • Database User Management
  • User Authentication
  • Operating System Security

• Data Security Policy

Includes the mechanisms that control the access to and use of the database at the object level.

• User Security Policy

  • General User Security
  • End-User Security
  • Administrator Security
  • Application Developer Security
  • Application Administrator Security

• Password Management Policy

  • Account Locking
  • Password Aging and Expiration
  • Password History
  • Password Complexity Verification

• Auditing Policy

  • Monitor suspicious database activity
  • Gather historical information about particular database activities

• A Security Checklist

Provides guidance on configuring the DBMS in a secure manner for operational database deployments.

Current Security Status

• Describes the status of database security at the time of the plan.

• Status includes:

  • A listing of the database resources
  • The security threats to the resources
  • The controls in place to protect the resources

Database Security Recommendation

• Recommendations and requirements which lead to meeting the database security goals.

  • Ownership and Responsibility
  • Resources and Their Vulnerabilities
  • Threats
  • Solutions
  • Security Measures
  • Guidelines to Personnel

Database Security Accountability

• A plan of accountability so that responsible people can later be judged on the results they have achieved.

• It should describe who is responsible for each database security activity.

Database Security Timetable

• Identifies when different security functions are to be done.

• Also gives milestones by which progress can be judged.

Database Security Continuing Attention

• Specifies a structure for updating the database security plan periodically.

• Periodically, the inventory of objects and the list of controls should be updated, and the risk analysis should be reviewed.

• The security plan should set a time for this periodic review.

Database Security Requirements Analysis

• Making a determination of what must be done, when it must be done, what is needed to do it, and who should be doing it.

• Also includes an examination of the physical access points to data.

• Database security requirements analysis steps:

  • Identification and evaluation of securable resources (subjects and objects).
  • Examination of each of these resources to determine if they need to be secured.
  • Risk analysis / risk evaluation.
  • Determine how to achieve the desired level of security.

Some Examples of Threat Types

• Users / Outsiders

  • Accessing and updating data they are not entitled to.
  • Using someone else's access rights
  • Viewing and updating data without authorization

• Programmers

  • Writing insecure programs
  • Creating their own accounts
  • Storing viruses or other destructive programs

• Database administrators

  • Abusing the authority they hold

Database Security Design

¡        Identification of the subjects and objects relevant from a security viewpoint.

¡        Identification of access modes granted to different subjects on different objects; constraints on access.

¡        Translate the analysis model to a specific DBMS view-based and query-based security technique.

Example Result of Database Security Design

Database Security Implementation

• Transform the database security design model to a specific DBMS using its features or SQL statements.

• Issues usually addressed in database security implementation, in order:

  • User Authorization
    ▪ Userid
    ▪ Password

  • Discretionary Security
    ▪ GRANT statements
    ▪ REVOKE statements

  • Mandatory Security
    ▪ Security level

  • Creating a User
    • CREATE USER cs IDENTIFIED BY sohib;
    • CREATE USER teller IDENTIFIED BY kobam;
    • CREATE USER finance IDENTIFIED BY doku;

  • Add Account Locking
    • CREATE PROFILE prof LIMIT FAILED_LOGIN_ATTEMPTS 4 PASSWORD_LOCK_TIME 30;
    • ALTER USER cs PROFILE prof;

  • Granting Privileges
    • GRANT SELECT, INSERT ON tblAccount TO cs;
    • GRANT SELECT, UPDATE ON tblAccount TO teller;
    • GRANT SELECT, UPDATE, DELETE ON tblAccount TO finance;

  • Using Roles
    • CREATE USER manager IDENTIFIED BY boss;
    • CREATE ROLE supervisor;
    • GRANT SELECT, INSERT, UPDATE, DELETE ON tblAccount TO supervisor;
    • GRANT SELECT ON tblCustomer TO supervisor;
    • GRANT SELECT, INSERT, UPDATE ON tblTransaction TO supervisor;
    • GRANT supervisor TO manager;

• Security level

  • All end-users of a database (or an application) should be mapped to a single database user:

-- USER and GROUP are SQL reserved words, so the table is named app_user and the column user_group
CREATE TABLE app_user (name CHAR(30), userid CHAR(10), password CHAR(10), user_group CHAR(10), sec_level NUMBER(2), email_addr VARCHAR(80));

    • The task of authorization in the above cases falls on the application program, with no support from SQL.
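
The application-side check described above, as an added example that is not part of the original post: all end-users share one database connection, and the program itself compares each user's sec_level with a per-row label before returning data. Assumptions: SQLite stands in for the DBMS, the `app_user` table is a cut-down version of the user table above with a salted hash in place of the plaintext password column, and the `sec_level` column on `tblAccount`, the function names and the sample rows are constructed for illustration.

```python
import hashlib
import hmac
import os
import sqlite3

def _hash(password, salt):
    # Salted PBKDF2 instead of a plaintext password CHAR(10) column.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def open_db():
    """In-memory stand-in for the DBMS; the application is its only DB user."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE app_user (userid TEXT PRIMARY KEY, salt BLOB NOT NULL,
                               pw_hash BLOB NOT NULL, sec_level INTEGER NOT NULL);
        -- sec_level on tblAccount is an assumed per-row classification label
        CREATE TABLE tblAccount (acc_no TEXT PRIMARY KEY, balance INTEGER,
                                 sec_level INTEGER NOT NULL);
    """)
    # Constructed sample data.
    for userid, password, level in [("cs", "sohib", 1), ("finance", "doku", 3)]:
        salt = os.urandom(16)
        db.execute("INSERT INTO app_user VALUES (?, ?, ?, ?)",
                   (userid, salt, _hash(password, salt), level))
    db.executemany("INSERT INTO tblAccount VALUES (?, ?, ?)",
                   [("A-001", 500, 1), ("A-002", 90000, 3)])
    return db

def clearance(db, userid, password):
    """Return the end-user's sec_level, or raise PermissionError."""
    row = db.execute("SELECT salt, pw_hash, sec_level FROM app_user "
                     "WHERE userid = ?", (userid,)).fetchone()
    if row is None or not hmac.compare_digest(row[1], _hash(password, row[0])):
        raise PermissionError("authentication failed")
    return row[2]

def read_accounts(db, userid, password):
    """No read-up: return only rows labelled at or below the caller's level."""
    level = clearance(db, userid, password)
    return db.execute("SELECT acc_no, balance FROM tblAccount "
                      "WHERE sec_level <= ? ORDER BY acc_no", (level,)).fetchall()
```

Because the DBMS sees a single user, GRANT and REVOKE cannot distinguish `cs` from `finance` here; every code path that touches `tblAccount` has to go through a check like `read_accounts`.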

11 Responses

  1. good, bro..

  2. awesome…. really good.

  3. WHY IS IT IN ENGLISH…. TRANSLATE IT PLEASE…

  4. The information on your blog really helped me finish my academic paper at http://widiaribowo.blogstudent.mb.ipb.ac.id/
    Thank you.

  5. thanks for the reference

    please visit my blog http://armiastho.blogstudent.mb.ipb.ac.id/

  6. thanks for the information

  7. thanks for the reference, yurindra

    visit my blog http://armiastho.blogstudent.mb.ipb.ac.id/
