IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue - Hardware & Software Remarks
____________________________________________________________________ .........................................
S 4.42 Implementation of security functions in the IT
application
Initiation responsibility: Head of IT Section, IT security management,
data privacy officer, persons responsible for
individual IT applications
Implementation responsibility: Application developer
There may be several reasons why it might be necessary to implement security
functions such as access control, administration and checking of access rights
or logging within the application programs themselves:
- If the logging facilities of the IT system, including the additional IT
security products used, are not sufficient to guarantee adequate verification
security, then these protocol elements must be implemented in the
application program. (Example: BDSG, Appendix to § 9, Input
Monitoring: “to guarantee that it is subsequently possible to check and
ascertain which person-related data have been entered into data processing
systems at what time and by whom“.)
- If the granularity of the IT system’s access rights inclusive of additional
security products used is not sufficient to guarantee proper operation, then
administration and monitoring of access rights must be implemented in the
application program. (Example: a data base with a joint data pool. It should
be assumed that access is only permissible to certain fields depending on
the user’s role.)
- If it is not possible with the IT system, including the additional IT security
products used, to prevent the administrator from gaining access to certain
data or at least to log this access and monitor it, then this must be
implemented where necessary by additional security features in the
application program. For example, by encrypting the data it is possible to
prevent the administrator from reading this data in plain text if he does not
possess the appropriate key.
These additional requirements on IT applications must be taken into account
at the time of planning and development, as subsequent implementation is
usually no longer possible for reasons of cost.
Additional controls:
- When developing new IT applications, is there a systematic determination
of the security functions the application must provide?
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000