
Database Security Technical Implementation Guide


Book Id: WPLBN0000696957
Format Type: PDF eBook
File Size: 1.15 MB
Reproduction Date: 2005

Title: Database Security Technical Implementation Guide  
Language: English
Subject: Technology, Reference materials, Technology and literature
Collections: Technology eBook Collection
Historic

Citation


Database Security Technical Implementation Guide. (n.d.). Database Security Technical Implementation Guide. Retrieved from http://gutenberg.cc/


Description
Technical Reference Publication

Excerpt
Excerpt: Summary of Changes. Changes made since the previous version/release (Version 6, Release 1) are listed below. This new version for the first time includes coverage of IBM's DB2 DBMS (Appendix E, IBM DB2 Universal Database Specific Policy) and includes updates to reference DOD Directive (DODD) 8500.1, Information Assurance (IA) and DOD Instruction (DODI) 8500.2, Information Assurance (IA) Implementation. These latter changes include the change of scope of this document to be applicable to all of DOD.

Table of Contents
Database STIG, V7R1 DISA Field Security Operations 29 October 2004 Developed by DISA for the DOD UNCLASSIFIED

SUMMARY OF CHANGES
1 INTRODUCTION
1.1 Background
1.2 Authority
1.3 Scope
1.4 Writing Conventions
1.5 Vulnerability Severity Code Definitions
1.6 DISA Information Assurance Vulnerability Management (IAVM)
1.7 STIG Distribution
1.8 Document Revisions
2 INTEGRITY
2.1 Software Integrity
2.1.1 Current DBMS Version
2.1.2 DBMS Software/Object Modification
2.1.3 Unused Database Software/Components
2.2 Database Software Development
2.2.1 Shared Production/Development Systems - STIG Impacts
2.3 Ad Hoc Queries
2.4 Multiple Services Host Systems
2.5 Data Integrity
2.5.1 Database File Integrity
2.5.2 Database Software Baseline
2.5.3 Database File Backup and Recovery
3 DISCRETIONARY ACCESS CONTROL
3.1 Database Account Controls
3.2 Authentication
3.2.1 Password Guidelines
3.2.2 Certificate Guidelines
3.3 Database Accounts
3.3.1 Administrative Database Accounts
3.3.2 Application Object Ownership/Schema Account
3.3.3 Default Application Accounts
3.3.4 Application Non-interactive/Automated Processing Accounts
3.3.5 N-Tier Application Connection Accounts
3.3.6 Application User Database Accounts
3.4 Database Authorizations
3.4.1 Database Object Access
3.4.2 Database Roles
3.4.2.1 Application Developer Roles
3.4.2.2 Application Administrator Roles
3.4.2.3 Application User Database Roles
3.5 Protection of Sensitive Data
3.6 Protection of Stored Applications
3.7 Protection of Database Files
4 DATABASE AUDITING
4.1 Precautions to Auditing
4.2 Audit Data Requirements
4.2.1 Minimum Required Audit Operations
4.2.2 DBA Auditing
4.2.3 Value Based Auditing
4.2.4 Required Audit Operations on Audit Data
4.3 Audit Data Backup
4.4 Audit Data Reviews
4.5 Audit Data Access
4.6 Database Monitoring
5 NETWORK ACCESS AND REQUIREMENTS
5.1 Protection of Database Identification Parameters
5.2 Network Connections to the Database
5.2.1 Remote Administrative Database Access
5.2.2 Open Database Connectivity (ODBC)
5.2.3 Java Database Connectivity (JDBC)
5.2.4 Web Server or Middle-Tier Connections to Databases
5.2.5 Database Session Inactivity Time Out
5.3 Database Replication
5.4 Database Links
6 OPERATING SYSTEM
6.1 Database File Access
6.2 Local Database Accounts
6.3 Database Administration Accounts
6.4 Database OS Groups
APPENDIX A RELATED PUBLICATIONS
APPENDIX B ORACLE SPECIFIC POLICY AND IMPLEMENTATION
B.1 Current Oracle Version
B.2 Oracle Security Evaluations
B.3 Oracle Component Services
B.4 Oracle Access Controls
B.4.1 Oracle Identification and Authentication
B.4.1.1 Database Authentication
B.4.1.2 Operating System Authentication
B.4.1.3 Network Service Authentication
B.4.1.4 Global Authentication
B.4.1.5 N-Tier or Proxy Authentication
B.4.2 Oracle Connection Pooling
B.4.3 Secure Distributed Computing
B.4.4 Oracle Administrative Connections
B.4.5 Oracle Administrative OS Groups
B.4.6 Default Oracle Accounts
B.4.7 Default Oracle Passwords
B.4.8 Oracle Password Management Requirements
B.5 Oracle Authorizations
B.5.1 Oracle Predefined Roles
B.5.2 System Privileges
B.5.3 Object Privileges
B.5.4 Administration of Privileges
B.6 Oracle Replication
B.7 Network Security
B.7.1 Encrypting Oracle Network Logins
B.7.2 Protecting Database Network Communications
B.7.3 Oracle Listener Security
B.7.3.1 Listener Password
B.7.3.2 Listener Administration Restrictions
B.7.3.3 Listener Access to External Procedures
B.7.3.4 Listener Network Address Restrictions
B.7.3.5 Encryption of Remote Administrative Access
B.7.3.6 Listener Port Assignment
B.7.3.7 Listener Inbound Connection Timeout
B.7.4 Oracle XML DB Protocol Server
B.8 Oracle Intelligent Agent/Oracle Enterprise Manager (OEM)
B.9 Oracle Account Protections
B.9.1 Default/Temporary Tablespaces and Tablespace Quotas
B.9.2 Idle Time in Oracle
B.9.3 SESSIONS_PER_USER in Oracle
B.10 Oracle ARCHIVELOG Mode
B.11 Securing SQLPlus Commands
B.12 Protection of Database Stored Procedures
B.13 Oracle Trace Utility
B.14 Auditing in Oracle
B.14.1 Oracle Audit Monitoring
B.14.2 Database Auditing
B.14.3 AUD$ Table Location and Ownership
B.14.4 Enabling Auditing
B.14.5 AUDIT/NOAUDIT Statements
B.14.6 Mandatory Auditing
B.14.6.1 Statement Auditing
B.14.6.2 Object Auditing
B.14.6.3 System Privilege Auditing
B.14.7 Fine-Grained Auditing
B.14.8 Audit Trail Maintenance
B.15 Oracle File and Directory Operating System Permissions
B.15.1 Oracle File and Directory Ownership
B.15.2 Oracle File and Directory Permissions
B.15.3 Initialization Parameter Files
B.15.4 Remote Logon Password File Permissions
B.15.5 Listener.ora File Permissions
B.15.6 DBSNMP_RW.ORA and DBSNMP_RO.ORA File Permissions
B.15.7 SQLNET.ORA File Permissions
B.15.8 Network Log and Trace File Protections
B.16 Oracle Critical File Management
B.16.1 Control Files
B.16.2 Redo Log Files
B.16.3 Database Files
B.17 Optimal Flexible Architecture (OFA)
B.17.1 Instance Naming Standards
B.17.2 Tablespaces
B.17.3 Oracle UNIX Specific OFA Standards
B.17.3.1 Oracle UNIX Directory Structure Standards
B.17.3.2 Oracle UNIX Datafile Location Standards
B.17.4 Windows Specific OFA Standards
B.17.5 Oracle OS/390 Specific Naming Standards
B.17.5.1 OSDI Subsystem Naming Standard
B.17.5.2 OSDI Service Naming Standards
B.18 Initialization Parameters
B.18.1 AUDIT_TRAIL
B.18.2 RESOURCE_LIMIT
B.18.3 REMOTE_OS_AUTHENT
B.18.4 REMOTE_OS_ROLES
B.18.5 OS_ROLES
B.18.6 DBLINK_ENCRYPT_LOGIN
B.18.7 SQL92_SECURITY
B.18.8 UTL_FILE_DIR
B.18.9 O7_DICTIONARY_ACCESSIBILITY
B.18.10 REMOTE_LOGIN_PASSWORDFILE
B.18.11 AUDIT_SYS_OPERATIONS
B.18.12 GLOBAL_NAMES
B.18.13 _TRACE_FILES_PUBLIC
B.18.14 MAX_ENABLED_ROLES
B.18.15 REMOTE_LISTENER
B.18.16 AUDIT_FILE_DEST (UNIX Only)
B.18.17 USER_DUMP_DEST
B.18.18 BACKGROUND_DUMP_DEST
B.18.19 CORE_DUMP_DEST
B.18.20 LOG_ARCHIVE_START
B.18.21 LOG_ARCHIVE_DEST
B.18.22 LOG_ARCHIVE_DUPLEX_DEST / LOG_ARCHIVE_DEST_n
B.18.23 OS_AUTHENT_PREFIX
B.19 Oracle Operating System Security Requirements
B.19.1 Oracle UNIX Specific Information
B.19.1.1 Oracle Operating System Software Owner Account
B.19.1.2 Oracle Process Owner Accounts
B.19.1.3 Oracle UNIX Profile Requirements
B.19.1.4 Non-Interactive/Automated Processing Database Accounts
B.19.1.5 Oracle UNIX Groups
B.19.1.6 Oracle Files
B.19.2 Microsoft Windows Settings
B.19.2.1 File Permissions
B.19.2.2 Registry Permissions
B.19.2.3 Oracle Installation Log File
B.19.2.4 Oracle Services for Windows
B.19.2.5 Non-Interactive/Automated Processing Database Accounts
B.19.3 OS/390 Specific Information
B.19.3.1 Oracle Library Security
B.19.3.2 Oracle VSAM File Security
B.19.3.3 Security for Oracle MPM Installations
B.19.3.4 Security for Oracle OSDI Installations
B.19.3.5 Oracle Access Manager
B.19.3.6 System Management Facility
APPENDIX C MICROSOFT SQL SERVER SPECIFIC POLICY AND IMPLEMENTATION
C.1 Current SQL Server Version
C.2 SQL Server Meets C2 Security Requirements
C.2.1 SQL Server Meets DAC Requirements
C.2.2 SQL Server Meets Identification and Authentication Requirements
C.2.3 Secure Distributed Computing
C.2.4 SQL Server Meets Object Reuse Requirements
C.2.5 SQL Server Meets Auditing Requirements
C.3 SQL Server Access Controls
C.3.1 sa Connection
C.3.2 OS DBA Group
C.3.3 SYSADMIN Role
C.3.4 Default SQL Server Passwords
C.3.5 Default sa Password
C.3.6 SQL Server Agents Service Account
C.3.7 SQL Server Database Accounts and Windows OS Accounts
C.3.8 Guest Account
C.3.9 SQL Server Non-Interactive/Automated Processing Accounts
C.3.10 Linked or Remote Servers
C.3.11 SQL Server Account Password Requirements
C.3.12 Predefined Roles
C.3.13 SQL Server Privileges
C.3.13.1 Statement Privileges
C.3.13.2 Object Privileges
C.3.13.3 Job System Privileges
C.3.13.4 Grant Object Privilege
C.3.14 Configuring Net Libraries
C.3.15 Windows System Permissions
C.3.15.1 SQL Server Directories
C.3.15.2 SQL Server Registry Permissions
C.4 Auditing In SQL Server
C.4.1 Database Audit Trail Location
C.4.2 Database Audit Trail Protection
C.4.3 Mandatory Auditing
C.4.4 Value Based Auditing
C.4.5 Audit Trail Maintenance
C.5 Encrypting SQL Server
C.6 SQL Server Replication
C.6.1 Replication Role Requirements
C.6.2 Securing the Distributor Database
C.6.3 Snapshot Folder Security
C.6.4 Publication Access Lists
C.6.5 Agent Logon Security
C.6.6 Security and Replication over the Internet
C.7 Naming Conventions And File Locations
C.7.1 Instance Naming Standards
C.7.2 SQL Server Datafile Naming Standards
C.7.3 Databases
C.8 Initialization Parameters
C.8.1 ALLOW UPDATES
C.8.2 C2 AUDIT MODE (SQL Server 2000 only)
C.8.3 REMOTE ACCESS
C.8.4 SCAN FOR STARTUP PROCS
C.9 Stored Procedures
C.10 Extended Stored Procedures
C.11 Object Encryption
C.12 Database Backup File and Restore Protection
C.13 SQL Server Installed Services
C.14 SQL Mail
C.15 Microsoft Data Engine/Microsoft SQL Server Desktop Engine (MSDE)
C.15.1 Current MSDE Version
C.15.2 MSDE Security Bulletins and Hotfixes
C.15.3 User Authentication
C.15.4 Auditing
C.16 Sample Databases
C.17 SQL Server Service Components To Be Researched

 
 


