IT Baseline Protection Manual - The Information Warfare Site

Threats Catalogue Deliberate Acts Remarks
____________________________________________________________________ .........................................
T 2.39 Complexity of a DBMS
The selection and use of standard database systems requires careful planning,
installation and configuration of the database management system (DBMS),
thus ensuring trouble-free operation. The following examples are intended to
elucidate the large variety of potential threats involved here.
Selection of an unsuitable standard database system:
- The selected DBMS cannot be executed in the designated runtime
environment. This might be due to the fact that the DBMS is only
compatible with a particular operating system or that the hardware used
does not fulfil the minimum requirements.
- The selected DBMS constitutes a security risk because the security
mechanisms provided by the manufacturer are not sufficient for ensuring
the required availability, integrity and confidentiality of the data.
Incorrect installation or configuration of the standard database system:
- Further threats might be posed if the security measures recommended by
the manufacturer are ignored or incorrectly implemented.
Example: The log files of a database system were not mirrored, or the
mirrored log files were not stored to another hard disk. A head crash causes
inevitable destruction of the database.
- The physical distribution of the data is not sufficient (if the DBMS
provides for physical distribution).
Example: Inside an Oracle database the files per tablespace are limited. If
all the data is being managed in the system tablespace, files can no longer
be added once this maximum number has been attained. As the system
tablespace also holds the data dictionary, this problem can only be solved
through a complete reinstallation of the database.
- Parameters that are set incorrectly can prevent access to certain data.
Example: Incorrect country settings in a database software program can
prevent certain country-specific special characters from being displayed.
Poor database concept:
- Missing database relations between individual tables can impair the
consistency of data and the integrity of the database.
- If application-specific data is not stored on separate physical media, the
failure of a single hard disk can lead to the failure of all applications.
- If no database triggers or stored procedures are used, inconsistencies might
arise in the data if an application, itself, does not take this into account..
- The poor concept regarding the use of database triggers and stored
procedures can impair the integrity of data and result in uncontrolled
manipulations.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000