CHAPTER 4 Security Part II: Auditing Database Systems
With access
The term database is used in a broad context to
include two general approaches: the flat-file model and
the database model
DATA MANAGEMENT APPROACHES
Flat-File Approach - Flat files are data files that contain
records with no structured relationships to other files.
The flat-file approach is most often associated with
so-called legacy systems.
The flat-file environment promotes a single-user view
approach to data management whereby end users own
their data files rather than share them with other users
Data redundancy - replication of essentially the same
data in multiple files. It contributes to three significant
problems in the flat-file environment: data storage, data
updating, and currency of information
Task-data dependency - user’s inability to obtain
additional information as his or her needs change
Database Approach - This approach centralizes the
organization’s data into a common database that is
shared by other users. With the enterprise’s data in a
central location, all users have access to the data they
need to achieve their respective objectives. Through
data sharing, the traditional problems associated with
the flat-file approach may be overcome.
● Elimination of Data Storage Problem - Each
data element is stored only once, thereby
eliminating data redundancy and reducing data
collection and storage costs
● Elimination of Data Update Problem - Because
each data element exists in only one place, it
requires only a single update procedure. This
reduces the time and cost of keeping the
database current.
● Elimination of Currency Problem - A single
change to a database attribute is automatically
made available to all users of the attribute
● Elimination of Task-Data Dependency Problem
- The most striking difference between the
database model and the flat-file model is the
pooling of data into a common database that is
shared by all organizational users.
to the full domain of entity data, changes in
user information needs can be satisfied without
obtaining additional private data sets.
KEY ELEMENTS OF THE DATABASE
ENVIRONMENT
❖ Database Management System
● Program development - to create applications
to access the database.
● Backup and recovery - DBMS can recover to an
earlier version that is known to be correct
● Database usage reporting - captures statistics
on what data are being used, when they are
used, and who uses them
● Database access - The most important feature
of a DBMS is to permit authorized user access,
both formal and informal, to the database
Data definition language (DDL) is a
programming language used to define the
database to the DBMS. The DDL identifies the
names and the relationship of all data elements,
records, and files that constitute the database.
This definition has three levels, called views: the
physical internal view, the conceptual view
(schema), and the user view (subschema).
Database Views
Internal View/Physical View. This is the lowest
level of representation, which is one step
removed from the physical database. This
internal view describes the structures of data
records, the linkages between files, and the
physical arrangement and sequence of records
in a file. There is only one internal view for the
database.
Database Views Internal View/Physical View.
The physical arrangement of records in the
database is presented through the internal view.
This is the lowest level of representation, which
is one step removed from the physical database.
This internal view describes the structures of
data records, the linkages between files, and the
physical arrangement and sequence of records
 in a file. There is only one internal view or the
database.
External View/User View (Subschema). The
subschema or user view, defines the user’s
section of the database—the portion that an
individual user is authorized to access
❖ Users
Data manipulation Language (DML) is the
proprietary programming language that a
particular DBMS uses to retrieve, process, and
store data. Entire user programs may be written
in the DML or, alternatively, selected DML
commands can be inserted into programs that
are written in universal languages, such as JAVA,
C++, and even older languages such as COBOL
and FORTRAN.
A query is an ad hoc access methodology for
extracting information from a database. Users
can access data via direct query, which requires
no formal user programs using the DBMS’s
built-in query facility.
IBM’s Structured Query Language (SQL) -
(often pronounced sequel or S-Q-L), has
emerged as the standard query language for
both mainframe and microcomputer DBMSs.
SQL is a fourth-generation, nonprocedural
language (English-like commands) with many
commands that allow users to input, retrieve,
and modify data easily.
Database administrator (DBA) - is responsible
for managing the database resource. The
sharing of a common database by multiple users
requires organization, coordination, rules, and
guidelines to protect the integrity of the
database.
Data structures - are the bricks and mortar of
the database.
Data Organization - of a file refers to the way
records are physically arranged on the
secondary storage device, this may be either
sequential or random.
Data Access Methods - is the technique used to
locate records and to navigate through the
database.
Data Attribute/Field - is a single item of data,
such as customer’s name, account balance, or
address.
Entity - is a database representation of an
individual resource, event, or agent about which
we choose to collect data.
Record Type (Table or File) - When we group
together the data attributes that logically define
an entity, they form a record type.
Navigational Databases - The hierarchical data
model is called a navigational database because
traversing the files requires following a
predefined path.
The Network Model - Like the hierarchical
model, the network model is a navigational
database with explicit linkages between records
and files. The distinction is that the network
model permits a child record to have multiple
parents.
The Relational Model - The relational model
portrays data in the form of two-dimensional
tables
Partitioned database approach - splits the
central database into segments or partitions
that are distributed to their primary user.
Deadlock - is a permanent condition that must
be resolved by special software that analyzes
each deadlock condition to determine the best
solution, can result in transactions being
incompletely processed and the database being
corrupted.
Resolving a deadlock - usually involves
terminating one or more transactions to
complete processing of the other transactions in
the deadlock.
Replicated databases - are effective in
companies where there exists a high degree of
data sharing but no primary user.
Database concurrency - is the presence of
complete and accurate data at all user sites.
 Transaction log feature provides an audit trail
CONTROLLING AND AUDITING DATA of all processed transactions.
MANAGEMENT SYSTEMS Checkpoint facility suspends all data processing
Access controls are designed to prevent while the system reconciles the transaction log
unauthorized individuals from viewing, and the database change log against the
retrieving, corrupting, or destroying the entity’s database.
data. Recovery module uses the logs and backup files
Backup controls ensure that in the event of data to restart the system after a failure.
loss due to unauthorized access, equipment
failure, or physical disaster the organization can
recover its database.
The user view or subschema is a subset of the
total database that defines the user’s data
domain and provides access to the database
Data base authorization table contains rules
that limit the actions a user can take
User-defined procedure allows the user to
create a personal security program or routine to
provide more positive user identification than a
single password

Audit Procedures for Testing Database Access

Controls
● Responsibility for Authority Tables and
Subschemas.
● Appropriate Access Authority
● Biometric Controls.
● Inference Controls.
● Encryption Controls.
● Backup Controls

Audit Procedures for Testing Flat-File Backup

Controls
● Sequential File (GPC) Backup - select a sample
of systems and determine from the system
documentation that the number of GPC backup
files specified for each system is adequate.
● Backup Transaction Files - verify through
physical observation that transaction files used
to reconstruct the master files are also retained
● Direct Access File Backup - should select a
sample of applications and identify the direct
access files being updated in each system
● Off-Site Storage - verify the existence and
adequacy of off-site storage.