IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue - Organisation Remarks
____________________________________________________________________ .........................................
Examples:
- Users can be denied the rights to create or modify database objects
(e.g. tables).
- Users can be granted read-only access to a table, but denied writeaccess
to it.
- Individual users can be denied access to particular tables or table
fields.
- Some users can be denied access to data records with certain
attributes (e.g. an official in Bonn can be denied access to the data of
an official in Cologne).
- Some manufacturers offer the possibility of defining groups as well as
roles. This allows differentiated access control to database objects. Related
requirements must be clarified in advance and taken into consideration
when selecting the database software.
- The database software must also be examined with respect to the
monitoring and control mechanisms it offers. Related requirements must be
defined and compared with the features of the products (examples are
provided in S 2.133 Checking the Log Files of a Database System and S
2.126 Creation of a Database Security Concept).
- It must be checked as to whether the database software supports distinction
between the roles of administrator and auditor. It should be possible to
configure the role of an auditor who is solely authorised to analyse and
delete log files. This prevents potential manipulations by the database
administrator.
- To protect the integrity of the database, the database software must be
equipped with a complete transaction system in compliance with the ACID
principle. Nowadays, this requirement is fulfilled by all major relational
database management systems.
- Mechanisms for backing up the database must be available (refer to S 6.49
Data Backup in a Database).
Clarification is required in advance as to which data backup features the
database software needs to provide. For example, a partial database backup
is not possible with all commercially available products. In individual
cases, a check is therefore required as to whether the prepared database
backup policy can be implemented with the available mechanisms.
These criteria must be used as a basis for testing and evaluating the available
database systems. The software finally selected should fulfil the specified
requirements to the greatest possible extent. Any remaining requirements
should be covered using externally or internally developed add-ons. Before
procurement, clarification is required as to which external add-ons are
available for which database software, in order to avoid costly internal
development.
Most commercial database management systems are available in different
versions. Versions of the same database management system can differ in
terms of their functionality, also as regards data security. Due to intense
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000