IT Baseline Protection Manual - The Information Warfare Site

Threats Catalogue Deliberate Acts Remarks
____________________________________________________________________ .........................................
T 2.41 Poor organisation of the exchange of database
users
In situations where several users of a database share the same workstation,
inadvertent or deliberate data manipulations might result if the changes
between these users are poorly organised or undertaken incorrectly. Here too,
the confidentiality of the data is no longer guaranteed.
Example:
If an application that accesses a database is not exited correctly before a
change of user occurs, the different authorisation profiles of the affected users
will give rise to the afore-mentioned threats. This will also subvert the logging
function of the database that records the data modifications, and also those
tasks performed under the active user ID. However this ID will no longer
correspond to the user who is actually logged in.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000