Database Authorization and User Security Administration

By Richard Ngu

Below are some of the key requirements that have shaped authorization models for distributed database systems:
• Coordinated authorization - The model must support authorization at both the document and the presentation tree level.
• Distributed authorization - To avoid a potential denial of service and to improve response time, node servers must be able to make access control decisions locally, without consulting other servers.
• Minimization of the number of servers needing to know their potential clients - Client administration is simpler when only a few servers have to be contacted to change the status of a client.
• Support for node sharing - Documents and presentation trees should be able to reuse existing nodes without compromising authorization.
• Enforcement of least privilege - Clients should not receive more privilege than is necessary during a consultation session. That is, granting access to a document should grant additional access only to the contents linked to that document, and granting access to a presentation tree should grant access only to the documents that compose the tree.
• Backward compatibility with existing nodes - It must be possible to control access to existing nodes without modifying them.
• Support for node migration - Because computer systems and networks change, nodes may need to migrate from one server to another. A user who holds access rights over an object must always be able to reach it, regardless of which server it has migrated to.
At the data level, a user may hold several forms of authorization on parts of the database: read, insert, update and delete authorization. Separately, a user may be granted authorization to modify the database schema: index, resource (the right to create new relations), alteration and drop authorization.

Relational databases do provide the basic mechanisms for implementing reasonable user authorization controls. However, user security administration presents a significant operational challenge and, as a result, proper controls are often not established or maintained.
A user's function within the organization determines their authorized level of access to applications, system resources and the database. The user's authorizations can be set at the database level by granting privileges and roles to the database user id and by setting the appropriate access controls on specific database objects such as tables. These must be defined for each user when the database user id is created along with other parameters such as system resource and table space quotas. Authentication parameters such as password expiration and minimum length settings must also be specified for each user. There are typically no provisions to store other useful information such as the user's full name, department, telephone number, etc. In addition, if the user is granted access to the database through an application, the relevant application specific parameters must be set up within the application's security tables. All of these tasks fall under the heading of user security administration.
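The provisioning tasks just described, worked through as an added example that is not part of this article. It is written in Oracle SQL, since the article's password settings, roles and table space quotas map directly onto Oracle profiles, roles and quotas; the schema `sales`, the table `sales.orders`, the role and profile names and the user `jsmith` are all hypothetical, and the password verify function is assumed to be the one installed by Oracle's `utlpwdmg.sql` script. The read, insert, update and delete privileges the article lists are granted through roles rather than to the user directly, the clerk's update right is narrowed to two columns, and the schema-level rights (index, alteration, and CREATE TABLE as the equivalent of "resource") go to a separate maintainer role; drop is left with the object owner.

```sql
-- Added example (Oracle SQL dialect assumed). All object, role, profile and
-- user names below are hypothetical; run as a user holding the DBA role.

-- 1. Authentication parameters: one profile, reused for every application user.
--    Minimum length and complexity come from the verify function installed by
--    utlpwdmg.sql (assumed present); lifetime and lockout are set here.
CREATE PROFILE app_user_profile LIMIT
    PASSWORD_LIFE_TIME        90      -- forced password aging, in days
    PASSWORD_GRACE_TIME       7
    PASSWORD_REUSE_MAX        10
    PASSWORD_REUSE_TIME       365
    FAILED_LOGIN_ATTEMPTS     5
    PASSWORD_LOCK_TIME        1
    PASSWORD_VERIFY_FUNCTION  ora12c_verify_function;

-- 2. Data-level authorization (read, insert, update, delete) lives in roles,
--    never on the user directly, so a job change is one REVOKE and one GRANT.
CREATE ROLE orders_reader;
CREATE ROLE orders_clerk;
CREATE ROLE orders_maintainer;

GRANT SELECT ON sales.orders TO orders_reader;

GRANT SELECT, INSERT ON sales.orders TO orders_clerk;
-- Least privilege: clerks may update only the columns their job touches,
-- and receive no DELETE at all.
GRANT UPDATE (status, shipped_on) ON sales.orders TO orders_clerk;

-- 3. Schema-level authorization (index, alteration, and CREATE TABLE as the
--    equivalent of "resource") is a separate role. DROP is not granted:
--    only the schema owner drops its tables.
GRANT INDEX, ALTER ON sales.orders TO orders_maintainer;
GRANT CREATE TABLE TO orders_maintainer;

-- 4. Create the user with quota, profile and an expired initial password.
CREATE USER jsmith IDENTIFIED BY "Ch4nge-Me-On-First-Login"
    DEFAULT TABLESPACE   users
    TEMPORARY TABLESPACE temp
    QUOTA 50M ON users            -- table space quota
    PROFILE app_user_profile
    PASSWORD EXPIRE;              -- must be changed at first logon
GRANT CREATE SESSION TO jsmith;   -- may connect...
GRANT orders_clerk TO jsmith;     -- ...and do a clerk's job, nothing more

-- 5. Verification: what can this user actually do? (A reviewer without the
--    DBA role needs SELECT ANY DICTIONARY to read these views.)
SELECT grantee, granted_role, admin_option
  FROM dba_role_privs WHERE grantee = 'JSMITH';
SELECT grantee, owner, table_name, privilege
  FROM dba_tab_privs
 WHERE grantee IN ('ORDERS_READER', 'ORDERS_CLERK', 'ORDERS_MAINTAINER');
SELECT grantee, table_name, column_name, privilege
  FROM dba_col_privs WHERE grantee = 'ORDERS_CLERK';
SELECT username, profile, account_status, expiry_date
  FROM dba_users WHERE username = 'JSMITH';
SELECT tablespace_name, bytes, max_bytes
  FROM dba_ts_quotas WHERE username = 'JSMITH';

-- 6. Deprovisioning, in an order that is safe to interrupt: cut access
--    first, remove the account and its objects last.
REVOKE orders_clerk FROM jsmith;
ALTER USER jsmith ACCOUNT LOCK;
DROP USER jsmith CASCADE;
```

Two things to notice when running this. Steps 1 to 3 (profile and role definitions) are one-time DBA work, while steps 4 and 6 (creating, granting and removing an individual user) are the repetitive part, and they still require a privileged session; the `dba_*` queries in step 5 are the check to run before and after either. And nothing here is central: every statement has to be repeated, with the same names, on each database where the user needs access.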
The operational challenge of user security administration arises out of the fact that setting up and managing database authorization elements requires technical expertise and elevated privilege. Furthermore, each element is defined using a separate utility or group of commands. If there are multiple databases where the user's authorizations must be defined, the task becomes monumental. The commands must be repeated for each database and there is no central repository for easily modifying and deleting user security settings on multiple databases simultaneously.
The human resources required to implement, monitor and manage security at all levels within most organizations today are scarce and expertise is limited. At the database level, the responsibility for security usually falls upon the overburdened DBA, again because of the technical expertise and elevated privileges that are required. Because of higher-profile priorities such as keeping the production databases running efficiently at all times, the DBA has little time for this very time-consuming task. Enabling security controls such as forced password aging and tighter access controls can further increase the DBA's workload in the form of requests for services such as password resets, the removal of a user's authorizations across multiple databases and investigations into why a particular user cannot get access to needed data.
Good security policy and operational efficiency dictate that user security administration be handled by the security administration group. This group often already has responsibility for user security administration at the mainframe level and uses mature third-party security software such as RACF™, ACF2™ and Top Secret™. These tools automate the security function and insulate administrators from the need for elevated privilege and from the technical eccentricities of the mainframe operating system's user interface. Today, however, most information security departments are understaffed, underbudgeted and undersupported. They have limited technical expertise at the database level and lack the tools to take on database security administration. Granting them the elevated privileges required to do the job could result in accidental disruption of database service or performance problems.

About Richard Ngu

Find out more at http://nextlevel.com.my/tutor/richy.

Copyright Notice

This article is copyrighted by Richard Ngu.  You are allowed to reprint this article on your web site as long as you include the full article text, the author profile information above and this Copyright & Reprint Notices.
