IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue - Hardware & Software Remarks
____________________________________________________________________ .........................................
S 4.68 Ensuring consistent database management
Initiation responsibility: Head of IT Section, IT Security Management,
Administrators
Implementation responsibility: Administrators
In principle, the ID of the database administrator is not subject to any
restrictions concerning the use of the database system, which increases the
threat of errors and misuse. For this reason, the database administrator should
receive a standard user ID in addition to his administrator ID, and only use the
latter when absolutely necessary.
Appropriate allocation of tasks, specification of guidelines, and measures for
co-ordination are required to ensure that administrators do not perform any
inconsistent or incomplete operations. The following requirements must be
met here:
- The techniques of performing and documenting modifications are to be
specified.
- The type and scope of modifications, as well as their reasons, are to be
described.
- In principle, changes to database objects or data must be approved by the
administrator of the related IT application. Modifications to central
database objects require the approval of all the administrators of the
concerned IT applications.
- The times of planned changes must be specified and announced.
- A full backup of the database must be created before any changes are
performed.
To avoid misuse to the greatest possible extent and preclude inconsistencies,
all the database objects of an application should be managed under a user ID
created specially for that application. As a result, changes to the database
objects can only be performed under this special user ID, and are not possible
even under the ID of the database administrator. The password of this special
user ID should only be known to the database administrator responsible for the
application in question.
Example:
The data of three applications, A, B and C are managed in a database. All
database objects allocated exclusively to application A are configured under
the database user ID apnA and managed only via this ID. The database objects
of the other two applications are assigned similarly. As a result, modifications
to the database objects of any of the three applications can only be performed
using the corresponding database user ID (provided that appropriately
restrictive access rights have been defined).
Database objects required by at least two of the three applications should be
created and managed under a central database ID.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000