important, the following metaphor was adopted: perimeter security creates a "hard crust and a soft chewy center." The focus on internal security aims at hardening and securing this soft, chewy center so that even attacks initiated from the inside will be addressed. Database security certainly falls into this category; after all, databases are perhaps the best example of critical infrastructure that has always been (and will always remain) deep within the core.
One approach to securing the core is to use the same products that are used to secure the perimeter within your internal network. This is often the approach taken by security and network groups, because these products are something with which they are familiar. Firewalls, for example, can be used within the corporate network to segment an internal network, assuring, for example, that the support department does not have access to the HR network. This has two positive effects. First, insider threats are reduced because insiders are not free to roam the entire corporate network and are limited to their department's servers. Because 70% of all security incidents are committed by insiders, this can have a big impact. In addition, if external attackers are able to compromise one of the firewalls or are able to find a way onto the corporate network, they still have access only to a certain segment of the overall network.
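As an added illustration (not from the book), the internal segmentation described above expressed as an nftables ruleset on the router between three constructed subnets: support workstations, HR workstations, and a server segment holding the HR database. The forward chain defaults to drop, so only the listed flows cross between segments, and every rejected crossing is logged for the internal IDS or SIEM.

```nftables
# Added example, not from the book. Addresses and the database port are
# constructed for illustration:
#   10.10.0.0/24   support department workstations
#   10.20.0.0/24   HR department workstations
#   10.30.0.0/24   server segment
#   10.30.0.50     HR database server (reachable only from HR)
table inet internal_seg {
    chain forward {
        # Default deny: anything not explicitly accepted below is dropped
        type filter hook forward priority 0; policy drop;

        # Replies to sessions already permitted in the other direction
        ct state established,related accept

        # HR workstations may open connections to the HR database only
        ip saddr 10.20.0.0/24 ip daddr 10.30.0.50 tcp dport 1433 accept

        # Support has no path into the HR or server segments; the IDS
        # sees these log lines, so a compromised support host probing HR
        # is visible even though the packets never arrive
        ip saddr 10.10.0.0/24 ip daddr { 10.20.0.0/24, 10.30.0.0/24 } \
            log prefix "seg-deny support->hr " counter drop

        # The database server must not initiate connections to workstations
        ip saddr 10.30.0.50 ip daddr { 10.10.0.0/24, 10.20.0.0/24 } \
            log prefix "seg-deny dbserver->ws " counter drop
    }
}
```

Load with `nft -f <file>` on the segmenting router; the `counter` on each deny rule lets `nft list ruleset` show how often each segment boundary is being tested.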
In the same way, IDS/IPS systems can be used within the internal network. IDS sensors can be deployed internally to monitor intrusions from insiders or outsiders who have managed to breach the perimeter. But most important, pushing into the core is usually associated with more granular access control rules, deep packet inspection, and advanced technologies such as application security and database security products.
2.5 Application security
One of the main areas that is considered a primary initiative in securing the core involves application security—and more specifically Web application security. Although the topic of application security is broad and addresses all types of application architectures and frameworks, much of the focus of both security technologies and security initiatives involves Web applications. This is a result of the huge adoption of e-commerce and e-business, the fact that many applications have been rewritten using Web technologies, and the fact that by making these applications available to remote users (and often external users), security concerns increase as do vulnerabilities. The Web application model is inherently insecure. For example, Web applications run most of their processing on the server and the browser merely