Ask DBMS Expert


Home >> DBMS

This final assignment is the logical continuation of assignment #1.

In assignment #1, you researched your organization or school to determine its database architecture, and you designed an Assessment and Analysis plan (Phase 1 of the Security Architecture Cycle) for your organization. In particular, you had to:

- Identify the assets to be protected
- Define and prioritize the threats against those assets

In this final assignment, you are asked to (partially) implement Phase 2 of the Security Architecture Cycle ("Design and Modeling", described on page 25 of the textbook). Armed with the knowledge you acquired during this term, you should be able to write policies and to prototype a security architecture that fit the needs of the business (or school) you selected in assignment #1.

In particular, you should address:

- What security policies need to be put into place in order to mitigate the identified threats? Security Policies are addressed on page 27. Some additional guidelines and examples are given below.

- What firmware/software changes need to take place to minimize vulnerabilities and support policies?

Given the database management system used in your selected environment and given the policy requirements, what changes in software version/configuration must be done?

- What security tools or applications should be added to minimize risk?

You are asked to include the description of the environment, the identified assets and threats from assignment #1 in the final assignment. Please feel free to make some "guesses" about the described environment.

Your final submission should be professional-looking. The expected length is between 6 to15 pages.

Guidelines for writing the policy:

- A security policy describes what it means for an organization to be secure. It is an agreed upon document that executive management uses to communicate its security goals and objectives. Thus, the language should be appropriate for all employees.
- The goal of such a policy is generally to protect valuable and/or confidential information from unauthorized access, but also to limit legal liability and prevent waste or inappropriate use of organization resources. Phrases such as "must", "should", or "will" are used to establish baseline expectations for behavior by employees and to authorize audits and monitoring.
- A security policy typically includes:
o Scope (1 paragraph)
o Goals (1 paragraph)
o Information classification (1-2 paragraphs)
o Actual requirements: as an itemized list. Specifically, database policy statements could address:
- Roles and responsibilities: Roles at the organization level could include application developer, database user, database administrator, database owner, application owner etc. Responsibilities should be designated.
- Database access types
- Authentication and authorization - a password policy should be defined or referenced
- Use of encryption (files, data in transit, backup files), managing encryption keys
- Backups and recovery (weekend or weekdays, on-line or off-line, incremental or full, etc.)
- Audits (auditor, frequency of audits, what is audited)
- Use of multi level security
- Use virtual private databases
- Database servers hardening (firewall/intrusion detection system, secure configuration, patch management, vulnerability assessment)
- Change management (ensure privileged accounts are documented, administered, monitored, and reviewed)
o Reference to supporting documents (existing procedures and guidelines)
o Reference to regulatory compliance (if any)
o Consequences for non-compliance of the security policy (1 - 2 paragraphs)

The following are sample security policies that could help you develop your database security policy:
- server security policy

(http://www.sans.org/security-resources/policies/server-security/pdf/server-security-policy ) ,
- Mobile Employee Endpoint Responsibility Policy

(http://www.sans.org/security-resources/policies/retired/pdf/mobile-employee-endpoint-responsibility-policy )

DBMS, Programming

  • Category:- DBMS
  • Reference No.:- M92044418
  • Price:- $75

Priced at Now at $75, Verified Solution

Have any Question?


Related Questions in DBMS

Data mining assignment -in this assignment you are asked to

Data Mining Assignment - In this assignment you are asked to explore the use of neural networks for classification and numeric prediction. You are also asked to carry out a data mining investigation on a real-world data ...

Sql query assignment -for this assignment you are to write

SQL Query Assignment - For this assignment you are to write your answers in a word document. This assignment is in three parts: Part A (reporting queries), Part B (query performance), Part C (query design). For this assi ...

The groceries datasetimagine 10000 receipts sitting on your

The groceries Dataset Imagine 10000 receipts sitting on your table. Each receipt represents a transaction with items that were purchased. The receipt is a representation of stuff that went into a customer's basket. That ...

You are in a real estate business renting apartments to

You are in a real estate business renting apartments to customers. Your job is to define an appropriate schema using SQL DDL in MySQL. The relations are Property(Id, Address, NumberOfUnits), Unit(ApartmentNumber, Propert ...

Objectivethe objective of this lab is to be familiar with a

OBJECTIVE: The objective of this lab is to be familiar with a process in big data modeling. You're required to produce three big data models using the MS PowerPoint software. This tool is available on UMUC Virtual Deskto ...

The relation memberstudentid organizationid roleid stores

The relation Member(StudentId, OrganizationId, RoleId) stores the membership information of student joining organization. For example, ('S1', 'O2', 'R3') indicates that student with Id 'S1' joined the organization with i ...

Relational database exerciseyou have been assigned to a new

Relational Database Exercise: You have been assigned to a new development team. A client is requesting a relational database system to manage their present store with the anticipation of adding more stores in the future. ...

Relational database design a given the following business

Relational Database Design A) Given the following business rules, identify entity types, attributes (at least two attributes for each entity, including the primary key) and relationships, and then draw an Entity-Relation ...

We can represent a data set as a collection of object nodes

We can represent a data set as a collection of object nodes and a collection of attribute nodes, where there is a link between each object and each attribute, and where the weight of that link is the value of the object ...

Data model development and implementationpurpose of the

Data model development and implementation Purpose of the assessment (with ULO Mapping) The purpose of this assignment is to develop data models and map Database System into a standard development environment to gain unde ...

  • 4,153,160 Questions Asked
  • 13,132 Experts
  • 2,558,936 Questions Answered

Ask Experts for help!!

Looking for Assignment Help?

Start excelling in your Courses, Get help with Assignment

Write us your full requirement for evaluation and you will receive response within 20 minutes turnaround time.

Ask Now Help with Problems, Get a Best Answer

Why might a bank avoid the use of interest rate swaps even

Why might a bank avoid the use of interest rate swaps, even when the institution is exposed to significant interest rate

Describe the difference between zero coupon bonds and

Describe the difference between zero coupon bonds and coupon bonds. Under what conditions will a coupon bond sell at a p

Compute the present value of an annuity of 880 per year

Compute the present value of an annuity of $ 880 per year for 16 years, given a discount rate of 6 percent per annum. As

Compute the present value of an 1150 payment made in ten

Compute the present value of an $1,150 payment made in ten years when the discount rate is 12 percent. (Do not round int

Compute the present value of an annuity of 699 per year

Compute the present value of an annuity of $ 699 per year for 19 years, given a discount rate of 6 percent per annum. As