Database Security for Privacy
Sudha Iyer
Principal Product Manager
Oracle Corporation
Agenda
Business Drivers for Security/Privacy
Privacy & Security Dynamics
Role of Databases in Privacy
Security Technologies for the Privacy Professional
Privacy Compliance – An Example
Business Drivers
State of Security – United States
90% of respondents* detected computer security breaches within the last twelve months.
80% of respondents acknowledged financial losses due to computer breaches.
– $455,848,000 in quantifiable losses
– $170,827,000 theft of proprietary information
– $115,753,000 in financial fraud
74% cited their Internet connection as a frequent point of attack
33% cited internal systems as a frequent point of attack
* Source: 2002 CSI/FBI Computer Crime and Security Survey
Regulations Landscape
• Finance – Gramm-Leach-Bliley, Sarbanes-Oxley
• Health – HIPAA
• Pharmaceutical – FDA 21 CFR Part 11
• All Industries – SB 1386, Basel II
• Education and Children’s Protection – COPPA, FERPA
European Security Directives
Royal Decree 994/1999 (Spain) – Security regulation for files containing personal data
European Telecommunication Directive – Security of personally-identifiable information; contains limitations on collection, use and access to data
Outside EU and US – Australia, Hong Kong, New Zealand, Chile, Argentina, Canada, Taiwan, Korea, South Africa…
What is Privacy?
For the customer/employee/partner:
– Right to exert control over collection and use of their personal data by others
Appropriate management and collection of information about any named individual
PII – personally-identifiable information
– Depends on the business
– Depends on the context
Common Myths about Privacy
Security violates the individual’s Privacy
– Airport security rummaging through your luggage
– Adding security is a perfect recipe for Big Brother behavior
Anonymity is the best prescription for Privacy
– e.g., all the viruses spread through email address books
– On the Web, if you don’t log in, they don’t know you…
Privacy: Lawmaker/Consumer View
“The best thing about the Internet is they don’t know you’re a dog.”
Tom Toles, Buffalo News, April 4, 2000.
Privacy: Headline/Direct Marketing View
“You’re a four-year-old German Shepherd-Schnauzer mix, likes to shop for rawhide chews, 213 visits to Lassie website, chatroom conversation 8-29-99 said third Lassie was the hottest, downloaded photos of third Lassie 10-12-99, e-mailed them to five other dogs whose identities are…”
Privacy & Security Dynamics
Do you need Security for Privacy?
For example – how do you want your traffic violations tracked?
– The question is not whether or not they will be tracked.
Authorized Individuals only
Retention time?
Who should have access?
The Privacy/Security Dynamic
Privacy and Security are not mutually exclusive
Security is a Building Block for Privacy
Security: Confidentiality, Integrity, Availability
Privacy: Define Use, Retention & Disclosure Policies; Provide Notice, Specify Usage; Provide Choice; Grant Access
Is there too much Security, ever?
Security of your enterprise is as good as your Weakest Link
– Weak Password Policy
– Open Firewall Ports
– No Access Control policies
– No system of Least Privileges
– Social Engineering
Defense in Depth is a good strategy
– Security is not a binary operator
Database’s Place in Privacy
Privacy Relevance for a Database
A Database is simply a collection of information. For many businesses:
– Network of collections of information
– Data Warehousing
– Data Mining
Applications from Sales Leads Tracking and Order Entry to Employee e-learning initiatives
(Diagram: HR, Financials, WWW feeding the database)
Common Privacy Principles for database applications
– Collected fairly and lawfully
– Adequate, relevant and not excessive
– Purpose limitation
– Accurate and up-to-date
– Not kept for longer than necessary
– Not transferred to inappropriate people, organizations and locations
– Secure – appropriate technical and organizational measures
Databases’ Role in Privacy
Can any Database make your business Privacy Compliant?
– No, not alone
You Must
– Define privacy policies
– Enforce Security
– Audit for Compliance
Security is necessary, but alone not sufficient for privacy
Top Privacy Challenges for Database Applications
Unified Identity – Privacy Issues :
Does it have the capability to compartmentalize profiles?
Is there a choice to reveal certain profiles for intranet and internet Services?
Testing new applications with Real World Data
– Developing test data is a tedious task.
– Scramble production data for test use.
Instant Messenger Usage
– How long are the records archived?
– Everything you say is “on record”
Security Primer for Privacy Professionals
#1 : Secure By Design, Secure by Development
Home Grown Applications
– Standardize User identification
– Design an access control model that does not have a backdoor
– Identify Normal and Abnormal activities
– Define security policies for data retention, data sharing and privacy of PII
– Audit for compliance
– Rely on Standards as often as possible
For Commercial Off the Shelf Software
– Demand Standards Compliance
– Demand they comply with your security policies
– Demand Secure by Default
#2: Secure Deployment
Communicate early and often with the IT staff
Harden your database – Secure by Default
Understand the competing issues
– High availability, High Performance
– Ease of Use concerns
Know your users…
– Well Formed Applications require authentication
– Web Sites don’t – but they can collect data automatically: time of arrival, how long you stayed, your IP address, domain, pages visited, etc.
#3: User Authentication
Establish Strong Password Policies
Communicate the Password Selection Criteria to users
Passwords? Yes / No
Strong Authentication Choices:
• Token Cards
• Public Key Infrastructure (SSL)
• Kerberos
#4: Access Control
Select, Insert, Update and Delete – the primary operations
Grant access based on user identity or the user’s membership in a specific group
– Example – Expense Reporting is by user; the HR Manager view of your department is by membership in the group “HR Managers”
Provide only the data that is needed – Row Level Security
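The two grants described on this slide (an operation-level grant by group membership, and a row-level filter so each user sees only the rows they need), as an added example that is not from the deck or from Oracle's product; it uses an in-memory SQLite table with constructed employee and expense rows, and the group names, the "erin" DBA account and the privilege table are assumptions for illustration:

```python
import sqlite3

# Constructed sample data (not from the slides).
GROUPS = {"HR Managers": {"carol"}, "DBAs": {"erin"}}   # assumed directory groups
MANAGES = {"carol": "sales"}        # department an HR Manager is responsible for
EXPENSES = [(1, "alice", "sales", 120.0), (2, "bob", "sales", 80.0),
            (3, "dave", "eng", 300.0), (4, "carol", "hr", 45.0)]

# Which of the four primary operations each role may perform on each table.
PRIVILEGES = {
    "employee":    {"expenses": {"SELECT", "INSERT"}},
    "HR Managers": {"expenses": {"SELECT"}},
    "DBAs":        {"expenses": {"SELECT", "INSERT", "UPDATE", "DELETE"}},
}


def roles_of(user):
    """Everyone is an employee; extra roles come from group membership."""
    return ["employee"] + [g for g, members in GROUPS.items() if user in members]


def is_allowed(user, op, table):
    """Operation-level check: the union of privileges over the user's roles."""
    return any(op in PRIVILEGES.get(r, {}).get(table, set()) for r in roles_of(user))


def build_db():
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE expenses(id INTEGER PRIMARY KEY, owner TEXT, "
                "dept TEXT, amount REAL)")
    con.executemany("INSERT INTO expenses VALUES (?, ?, ?, ?)", EXPENSES)
    return con


def visible_expenses(con, user):
    """Row-level filter: a user sees their own rows; an HR Manager also sees the
    rows of the department they manage. The predicate is bound server-side, so
    the caller cannot widen it by editing the query text."""
    if not is_allowed(user, "SELECT", "expenses"):
        return []
    cols = "SELECT id, owner, dept, amount FROM expenses "
    if user in GROUPS["HR Managers"]:
        return con.execute(cols + "WHERE owner = ? OR dept = ? ORDER BY id",
                           (user, MANAGES[user])).fetchall()
    return con.execute(cols + "WHERE owner = ? ORDER BY id", (user,)).fetchall()


def update_amount(con, user, row_id, amount):
    """UPDATE is refused for roles that were never granted it."""
    if not is_allowed(user, "UPDATE", "expenses"):
        return False
    con.execute("UPDATE expenses SET amount = ? WHERE id = ?", (amount, row_id))
    return True


if __name__ == "__main__":
    db = build_db()
    for who in ("alice", "carol", "dave"):
        print(who, visible_expenses(db, who))
    print("alice may update:", update_amount(db, "alice", 1, 999.0))
```

Alice gets her single row, Carol gets the sales department plus her own row, and Alice's attempt to change an amount is refused before any SQL runs; the same pattern maps onto a database's native grants and row-level policies.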
#5: Auditing
The goal must be compliance, not invasion of privacy
– This is not spyware
For example, to establish the exposure needed to comply with CA law SB 1386
– Non-repudiation of a transaction
Audit selectively – high-value data or transactions
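Selective auditing and a trail that can be relied on afterwards, as an added example that is not from the deck: only operations on a short list of high-value tables are recorded, and each record is chained to the previous one with an HMAC so that editing or deleting a record is detectable. The table names and the key are constructed; the key would in practice live outside the audited database.

```python
import hashlib
import hmac
import json

# Assumed policy: only these tables are valuable enough to audit.
HIGH_VALUE_TABLES = {"credit_cards", "ssn"}


class AuditTrail:
    """Selective, tamper-evident audit log. Each entry's tag is an HMAC over
    the previous tag and the entry body, so the chain breaks if any record is
    altered or removed."""

    def __init__(self, key):
        self._key = key
        self.entries = []              # list of (entry dict, tag bytes)
        self._prev = b"\x00" * 32      # chain anchor for the first entry

    def record(self, user, op, table, row_id):
        """Return the stored entry, or None when the table is not audited."""
        if table not in HIGH_VALUE_TABLES:
            return None                # everyday activity is not logged
        entry = {"seq": len(self.entries), "user": user, "op": op,
                 "table": table, "row": row_id}
        tag = self._tag(self._prev, entry)
        self.entries.append((entry, tag))
        self._prev = tag
        return entry

    def _tag(self, prev, entry):
        body = json.dumps(entry, sort_keys=True).encode()
        return hmac.new(self._key, prev + body, hashlib.sha256).digest()

    def verify(self):
        """Recompute the chain; False means some record was edited or removed."""
        prev = b"\x00" * 32
        for entry, tag in self.entries:
            if not hmac.compare_digest(tag, self._tag(prev, entry)):
                return False
            prev = tag
        return True


if __name__ == "__main__":
    trail = AuditTrail(b"constructed-key-held-outside-the-db")
    trail.record("alice", "SELECT", "employees", 7)        # not recorded
    trail.record("alice", "SELECT", "credit_cards", 42)    # recorded
    trail.record("bob", "UPDATE", "ssn", 9)
    print(len(trail.entries), "entries, chain intact:", trail.verify())
```

The chain gives tamper evidence for the log itself; true non-repudiation of the original transaction additionally needs the actor's own signature on the record, which is what PKI-based signing adds on top of this.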
#6: Centralized Administration
DBAs manage database resources and users
Central administration of users in a standard LDAP directory improves manageability
Questions to ask –
– Access Control Policies on the Directory Entry (specifically the PII)
– How do applications preserve user identity across tiers?
#7: Encryption
California Senate Bill 1386
Legislation on Identity Theft
– Applies to all organizations with information about California residents
– In effect since July 2003
– Notification of security breach of personal data
Protects combinations of Name and:
– SSN
– CCN with PIN
– Driver’s License Number
Implications of CA SB 1386
Notification
– Organization must notify consumers if their PII has been compromised
No notification required if data is encrypted
– Does not specify methods or implementations
– Does not specify algorithms
Is a simple substitution cipher good enough?
e.g., A=B, 1=2
Encryption Basics
Algorithms used to encrypt and decrypt data
Protects data by changing plaintext to a cipher
Strength of the security system depends on key management
(Diagram: “Jane Smith’s CCN is 4408 3380 7002 2652” → Encrypt → “dh!D4g’bQa%” → Decrypt → “Jane Smith’s CCN is 4408 3380 7002 2652”)
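The question posed two slides back (is A=B, 1=2 good enough?) and the key-management point above, worked through as an added example that is not from the deck. The first half implements the slide's substitution scheme on the slide's own sample record and checks what it gives away: it can be reversed by anyone, because there is no key, and it preserves the length, the spaces and which characters repeat, so the shape of a card number survives. The second half shows the contrast when the secret lives in a key: the HMAC-SHA256 counter-mode keystream used here is a stand-in chosen only so the block runs on the standard library; a deployment would use AES-GCM from a vetted library.

```python
import hashlib
import hmac
import os

# The slide's own sample record.
PLAIN = "Jane Smith's CCN is 4408 3380 7002 2652"


def substitute(text, shift=1):
    """The slide's A=B, 1=2 scheme: every letter and digit moves one place.
    Nothing here is secret, so anyone can run it backwards."""
    out = []
    for ch in text:
        if ch.isdigit():
            out.append(str((int(ch) + shift) % 10))
        elif "A" <= ch <= "Z":
            out.append(chr((ord(ch) - 65 + shift) % 26 + 65))
        elif "a" <= ch <= "z":
            out.append(chr((ord(ch) - 97 + shift) % 26 + 97))
        else:
            out.append(ch)              # spaces and punctuation pass through
    return "".join(out)


def unsubstitute(text):
    return substitute(text, shift=-1)


def structure_leaked(plain, cipher):
    """True when the output keeps the length, the word boundaries and the
    pattern of repeated characters: the 16-digit grouping is still visible."""
    same_len = len(plain) == len(cipher)
    same_gaps = [c == " " for c in plain] == [c == " " for c in cipher]
    same_repeats = ([plain.index(c) for c in plain] ==
                    [cipher.index(c) for c in cipher])
    return same_len and same_gaps and same_repeats


def _subkeys(key):
    """Separate keys for confidentiality and integrity, derived from one secret."""
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def _keystream(enc_key, nonce, n):
    """Illustrative counter-mode keystream (stand-in for a real block cipher)."""
    out, counter = b"", 0
    while len(out) < n:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return out[:n]


def keyed_encrypt(key, plaintext):
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)              # fresh per message; never reuse with a key
    data = plaintext.encode()
    ct = bytes(a ^ b for a, b in zip(data, _keystream(enc_key, nonce, len(data))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def keyed_decrypt(key, blob):
    """Return the plaintext, or None if the key is wrong or the data was altered."""
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct)))).decode()


if __name__ == "__main__":
    print(substitute(PLAIN), "| reversible without a key:",
          unsubstitute(substitute(PLAIN)) == PLAIN)
    key = os.urandom(32)                # the only thing that must stay secret
    blob = keyed_encrypt(key, PLAIN)
    print(len(blob), "bytes of ciphertext; wrong key ->", keyed_decrypt(b"?" * 32, blob))
```

With the keyed scheme, "A=B, 1=2" becomes irrelevant: the method can be public, and protecting the record reduces to protecting, rotating and being able to recover the key, which is exactly the key-management question the slide raises.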
Encryption with Public Key Infrastructure (PKI)
(Diagram: Private key ↔ Public key, mathematically linked)
Two mathematically-related, yet separate keys
Your Private Key: secret, not shared, stored encrypted
Your Public Key: shared, “published” in a public location
A Certificate Authority issues you a certificate and Public key
Questions for Encryption Solution Providers
How will the technology support
– Key Management
– Key Recovery
– Back Ups and Restore
– Fail Over
– Transparency (no disruption to existing operations)
– Identity Spoofing
Encryption Solutions
Protect Data Integrity and Confidentiality
– Over the Wire: Browser to Application Server; Client to Server (Application Server to Database)
– Stored Data Encryption: Credit Card Theft etc.
Privacy Compliance – An example
Business challenges - Area 1
How can I consolidate multiple data sources in one and the same database?
How can I share the information in my data warehouse with partners and customers?
How can I ensure that my data warehouse obeys laws and regulations regarding data privacy?
– Example: public access to aggregate census data is allowed, but accessing individual profiles isn’t
– Authorized access to a child’s education record
Technology can assist in:
– Authentication, Authorization and Fine Grained Access Control
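The census example above (aggregates may be public, individual profiles may not), as an added example that is not from the deck or from Oracle's product. It uses SQLite's authorizer hook to refuse direct reads of the base table while allowing the same reads when they happen on behalf of an aggregate view; the view also suppresses any region with fewer than MIN_GROUP people, so small groups cannot be singled out. The rows, the region names and the threshold are constructed.

```python
import sqlite3

MIN_GROUP = 5   # assumed suppression threshold: smaller cells are not released

# Constructed sample rows, not real census data.
PEOPLE = [("north", 34, 52000), ("north", 41, 61000), ("north", 29, 48000),
          ("north", 55, 75000), ("north", 38, 58000), ("north", 47, 66000),
          ("south", 23, 39000), ("south", 31, 45000), ("south", 44, 70000),
          ("south", 36, 51000), ("south", 52, 80000),
          ("east", 60, 90000), ("east", 27, 42000)]


def build_db():
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE people(region TEXT, age INTEGER, income INTEGER)")
    con.executemany("INSERT INTO people VALUES (?, ?, ?)", PEOPLE)
    # The only object a public user is meant to query: counts and averages,
    # and only for groups large enough not to identify anyone.
    con.execute(f"""CREATE VIEW region_stats AS
                    SELECT region, COUNT(*) AS n, AVG(income) AS avg_income
                    FROM people GROUP BY region
                    HAVING COUNT(*) >= {MIN_GROUP}""")
    return con


def public_authorizer(action, table, column, db_name, source):
    """Deny reads of the base table issued from top-level SQL; allow them when
    SQLite reports the access comes from inside the view (source is set)."""
    if action == sqlite3.SQLITE_READ and table == "people" and not source:
        return sqlite3.SQLITE_DENY
    return sqlite3.SQLITE_OK


def public_stats(con):
    """Aggregate query a public subscriber is allowed to run."""
    con.set_authorizer(public_authorizer)
    return con.execute("SELECT region, n, avg_income FROM region_stats "
                       "ORDER BY region").fetchall()


def individual_rows(con):
    """The same subscriber asking for profiles gets a refusal, not rows."""
    con.set_authorizer(public_authorizer)
    try:
        return con.execute("SELECT region, age, income FROM people").fetchall()
    except sqlite3.DatabaseError:      # SQLite reports "not authorized"
        return None


if __name__ == "__main__":
    db = build_db()
    print("aggregates:", public_stats(db))      # east is suppressed (2 people)
    print("profiles:", individual_rows(db))     # None
```

The two controls stack: the authorizer is the access-control layer (which objects a role may touch) and the HAVING threshold is the privacy layer (what an allowed query may reveal); a production database would express the first with grants on the view instead of a hook, but the division of labour is the same.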
Business Challenges – Area 2
Goal
– Deliver research data in a hosted environment to subscribers in a timely, cost-effective manner
Security Technology can assist in privacy
– Separate proprietary information between each company: Row Level Access
– Within each company, users require different levels of access: Authorization
Q&A – Questions & Answers