IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue - Organisation Remarks
____________________________________________________________________ .........................................
Responsibility for implementation lies with the persons in charge of
individual IT applications and the application-specific administrator,
insofar as the integrity constraints need to be realised in the form of
relations, primary keys or general database objects.
The following items must be prepared as part of planning an IT
application:
- A data model which maps the database objects as well as their
mutual relationships
- A technical concept which includes a description of the conditions
under which data can be manipulated.
The following points must be observed during the realisation of an IT
application:
- The actual implementation of the data model specified during the
conceptual phase must be described. This includes the definition and
creation of tables, indices, value ranges etc.
- Triggers and stored procedures are defined during the realisation of
the technical concept. Triggers and stored procedures can be used
within an application (in the programs) and in the database (for
tables). Triggers used on the database level act independently of the
overlying applications, and must thus be managed centrally.
Example: 'Update' trigger for a table:
Whenever a data record in the table is modified, the statements
defined for the trigger need to be executed. One of these statements
can comprise the invocation of a stored procedure.
Where applications are concerned, integrity can be ensured through the
suitable use of commit and rollback for transactions.
Additional controls:
- Are all the integrity control techniques described above implemented?
- Have all the integrity constraints been agreed with the administrators of the
individual IT applications?
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000