Group 2 - Auditing Database Systems
Layout of topics: AUDITING OF DATABASE SYSTEMS
DATABASE
▸ Definition:
○ Structured set of data held in a computer, especially one that is
accessible in various ways.
○ Organized collection of data, generally stored and accessed
electronically from a computer system.
○ Where databases are more complex, they are often developed
using formal design and modeling techniques.
DATABASE SOFTWARE:
- Oracle database
- MySQL
- PostgreSQL
- MariaDB
- Microsoft SQL Server
DATA MANAGEMENT APPROACHES
▸ 1. Flat-file Model
▸ 2. Database Model
FLAT–FILE METHOD
DATABASE APPROACH
KEY ELEMENTS OF THE DATABASE ENVIRONMENT
Relationship between the elements of database environment
DBMS FEATURES
DATA DEFINITION LANGUAGE
DATABASE VIEWS
1. Internal/ Physical View
3. External/ User View (Subschema)
▸ Example:
○ A user in the personnel department may view the
database as a collection of employee records and is
unaware of the supplier and inventory records seen by
the users in the inventory control department.
Data Manipulation Language (DML)
Overview of DBMS Operation
DBMS Operation
1. User program sends a request for data to the DBMS.
2. DBMS analyzes the request by matching the called data elements
against the user view and conceptual view. (authorized/denied)
3. DBMS determines the data structure parameters from the internal
view and passes them to the operating system.
4. Operating system interacts with the disk storage device to retrieve
the data from the physical database.
5. Operating system stores the data in a main memory buffer area.
6. DBMS transfers the data to the user’s work location in main
memory.
Informal Access: Query Language
Database Administrator (DBA)
▸ Data Dictionary –
○ describes every data element in the database
○ Enables all users to share a common view of
the data resource, thus greatly facilitating the
analysis of user needs.
○ May be in both paper form and online
Organizational Interaction of the DBA
The Physical Database
▸ Lowest level and only one in physical form
▸ Magnetic spots on metallic coated disks that
create a logical collection of files and records.
▸ Data structures are bricks and mortar of database
○ Allows records to be located, stored, and retrieved
○ Two components: organization and access methods
▸ The organization of a file refers to the way records
are physically arranged on the storage device -
either sequential or random
▸ Access methods are programs used to locate
records and to navigate through the database
▸ CRITERIA THAT INFLUENCE
SELECTION OF DATA STRUCTURE:
▸ 1. Rapid file access and data retrieval
▸ 2. Efficient use of disk storage space
▸ 3. High throughput for transaction processing
▸ 4. Protection from data loss
▸ 5. Ease of recovery from system failure
▸ 6. Accommodation of file growth
DATABASE MODELS
▸ A Data Model is an abstract
representation of the data about
entities, including resources (assets),
events (transactions) and agents
(personnel/customer), and their
relationships in an organization.
▸ HIERARCHICAL MODEL (navigational model)
▸ NETWORK MODEL (navigational model)
▸ RELATIONAL MODEL
Database Terminology
▸ Data Attribute/ Field: single item of data
▸ Entity: database representation of an individual resource, event or agent
▸ Record Type: Physical database representation of an entity
▸ Database: Set of record types that an organization needs to support its
business processes
▸ Occurrence: Related to the number of records represented by a particular
record type
▸ Attributes: Defines entities with values that vary (i.e. each employee
has a different name)
▸ Associations: Record types that constitute a database exist in relation
to other record types.
Three Basic Record Associations
○ One-to-one: For every occurrence of Record
Type X there is one (or zero) of Record Type
Y
○ One-to-many: For every occurrence of Record
Type X, there are zero, one or many
occurrences of Record Type Y
○ Many-to-many: For every occurrence of Record
Types X and Y, there are zero, one or many
occurrences of Record Types Y and X,
respectively.
The Hierarchical Model
▸ Basis of earliest DBMSs and still in use
today
▸ Sets that describe relationship between
two linked files
○ Each set contains a parent and a child.
○ Files at the same level with the same parent
are siblings
○ Tree structure with the highest level in the
tree being the root segment and the lowest
file in a branch the leaf
▸ IBM's Information Management System (IMS) - most
prevalent example, introduced in 1968
▸ Also called a navigational database.
▸ LIMITATIONS
○ Presents an artificially constrained view of
data relationships
○ Doesn't always reflect reality
▸ Usefulness of the model is limited because no child
record can have more than one parent, which
leads to data redundancy
Hierarchical Data Model
THE NETWORK MODEL
▸ Developed by Committee on
Development of Applied Symbolic
Language (CODASYL) which was
created by ANSI in the late 1970s
▸ Is also a navigational database with
explicit linkages between records and
files
▸ The distinction is that it permits a
child record to have multiple parents
▸ Integrated Database Management
System (IDMS)- most popular
example
The Network Model
The Relational Model
○ Relational model portrays data in two-dimensional
tables with attributes across the top forming columns
○ Intersecting the columns to form rows are tuples,
which are normalized arrays of data similar to
records in a flat-file system
Four Characteristics
▸ 1. All occurrences at the intersection of a row and
column are a single value. No multiple values are
allowed.
DATABASES IN A DISTRIBUTED ENVIRONMENT
Centralized Databases in a
Distributed Environment
▸ Data retained in a central location.
▸ Objective of the database approach is to maintain
data currency, which can be challenging.
Distributed Databases:
Partitioned Databases
▸ Splits central database into segments distributed to their
primary users.
▸ Advantages:
○ Users’ control increased by having data stored at local
sites.
○ Improved transaction processing response time.
○ Volume of transmitted data between IT units is
reduced.
○ Reduces potential data loss from a disaster.
The Deadlock Phenomenon
▸ Occurs when multiple sites lock each other
out of the database, preventing each from
processing its transactions.
○ Transactions in a “wait” state until locks removed.
○ Can result in transactions being incompletely processed
and database being corrupted.
The Deadlock Condition
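The deadlock described above can be detected by following who waits for whom. This is an added example, not part of the original slides; the site and table names, the sample lock state and the victim-selection policy are assumptions made for illustration.

```python
def find_deadlock(held, waiting):
    """Return the sites that form a wait cycle, or [] if there is none.

    held:    locked resource -> site holding the lock
    waiting: site -> resource it is blocked on (a site in a "wait" state)
    """
    for start in waiting:
        path, site = [], start
        # Follow "waits for the holder of ..." links until the chain ends
        # (the holder is not waiting, or the resource is free) or it
        # comes back to a site already on the path.
        while site in waiting and site not in path:
            path.append(site)
            site = held.get(waiting[site])
        if site in path:
            return path[path.index(site):]
    return []


def choose_victim(cycle, work_done):
    """Pick the site whose transaction has done the least work, to be rolled
    back and restarted (assumed policy; the slides do not prescribe one)."""
    return min(cycle, key=lambda s: work_done.get(s, 0)) if cycle else None


# Constructed scenario: three sites each hold one table and wait for another.
HELD = {"customer": "site1", "inventory": "site2", "supplier": "site3"}
WAITING = {"site1": "inventory", "site2": "supplier", "site3": "customer"}

if __name__ == "__main__":
    cycle = find_deadlock(HELD, WAITING)
    print("deadlocked sites:", cycle)
    print("terminate:", choose_victim(cycle, {"site1": 40, "site2": 5, "site3": 12}))
```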
Distributed Databases:
Replicated Databases
▸ Primary justification is to support read-only queries.
Concurrency Control
Access Controls
▸ A user view (subschema) is a subset of the database that
defines the user’s data domain and access.
▸ Database authorization table contains rules that limit user
actions.
▸ User-defined procedures allow users to create a personal
security program or routine.
▸ Data encryption procedures protect sensitive data.
▸ Biometric devices such as fingerprints or retina prints
control access to the database.
▸ Inference controls should prevent users from inferring,
through query options, specific data values they are
unauthorized to access.
○ Attempt to prevent three types of compromises to the database:
■ Positive compromise – the user determines the specific value of a
data item
■ Negative compromise – the user determines that a data item
doesn’t have a specific value
■ Approximate compromise – the user is unable to determine the
exact value of an item but is able to estimate it with sufficient
Subschema Restricting Access
Database authorization table
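The subschema and authorization table above, together with step 2 of the DBMS operation (request matched against the user view, then authorized or denied), can be shown with SQLite's authorizer hook standing in for the DBMS. This is an added example, not part of the original slides; the users, tables, view and AUTH_TABLE contents are constructed for illustration.

```python
import sqlite3

# Constructed sample data: the three record types from the slide's example.
SCHEMA = """
CREATE TABLE employee (emp_id INTEGER, name TEXT, dept TEXT, salary REAL);
CREATE TABLE supplier (sup_id INTEGER, name TEXT);
CREATE TABLE inventory (item TEXT, qty INTEGER, sup_id INTEGER);
INSERT INTO employee VALUES (1, 'Ana', 'HR', 52000), (2, 'Ben', 'Stores', 41000);
INSERT INTO supplier VALUES (10, 'Acme Parts');
INSERT INTO inventory VALUES ('bolt', 500, 10);
-- User view (subschema) for personnel staff: employee records without salary.
CREATE VIEW personnel_view AS SELECT emp_id, name, dept FROM employee;
"""

# Hypothetical authorization table: user -> resource -> permitted actions.
AUTH_TABLE = {
    "personnel_clerk": {"personnel_view": {"read"}},
    "inventory_clerk": {"inventory": {"read", "modify"}, "supplier": {"read"}},
}
ACTIONS = {sqlite3.SQLITE_READ: "read", sqlite3.SQLITE_INSERT: "insert",
           sqlite3.SQLITE_UPDATE: "modify", sqlite3.SQLITE_DELETE: "delete"}

def make_authorizer(user):
    rules = AUTH_TABLE.get(user, {})
    def authorizer(code, resource, column, dbname, source):
        if code == sqlite3.SQLITE_SELECT:   # the statement itself; columns follow
            return sqlite3.SQLITE_OK
        # `source` names the view a base-table read comes through, so a grant
        # on the view covers what it exposes but not the table directly.
        granted = rules.get(resource, set()) | rules.get(source, set())
        # Anything not explicitly granted (or not a known action) is denied.
        return sqlite3.SQLITE_OK if ACTIONS.get(code) in granted else sqlite3.SQLITE_DENY
    return authorizer

def open_db():
    conn = sqlite3.connect(":memory:", isolation_level=None)  # autocommit
    conn.executescript(SCHEMA)
    return conn

def request(conn, user, sql, params=()):
    """Run one user request; return ('authorized', rows) or ('denied', None)."""
    conn.set_authorizer(make_authorizer(user))
    try:
        return "authorized", conn.execute(sql, params).fetchall()
    except sqlite3.DatabaseError:   # SQLite reports an authorizer denial this way
        return "denied", None
```

An auditor's access test is then a list of requests per sampled user with the expected outcome, for example that `personnel_clerk` is denied `SELECT salary FROM employee`.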
Audit Procedures for Testing Database
Access Controls
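An inference control of the kind listed under Access Controls can be tested by issuing statistical queries and checking which ones are refused. This is an added example, not part of the original slides: it uses a query-set-size restriction, one common inference control chosen here as an assumption, with a constructed payroll table and an assumed threshold MIN_SET.

```python
import sqlite3

MIN_SET = 3  # assumed policy threshold k; the slides do not specify one

ROWS = [  # constructed sample payroll records
    ("Ana", "HR", 52000), ("Gus", "HR", 50000), ("Eve", "Audit", 61000),
    ("Ben", "Stores", 41000), ("Cho", "Stores", 43000), ("Dev", "Stores", 39000),
    ("Fay", "Stores", 40000), ("Hal", "Stores", 42000),
]

def open_payroll():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE employee (name TEXT, dept TEXT, salary REAL)")
    conn.executemany("INSERT INTO employee VALUES (?, ?, ?)", ROWS)
    return conn

def average_salary(conn, dept, exclude=False):
    """Statistical query: average salary of one department, or of everyone
    outside it when exclude=True. Released only if MIN_SET <= n <= N - MIN_SET."""
    op = "<>" if exclude else "="   # fixed operator, never user-supplied text
    total = conn.execute("SELECT COUNT(*) FROM employee").fetchone()[0]
    n, avg = conn.execute(
        f"SELECT COUNT(*), AVG(salary) FROM employee WHERE dept {op} ?", (dept,)
    ).fetchone()
    if n < MIN_SET:
        # n == 1 hands over one person's exact salary (positive compromise);
        # n == 2 lets either member work out the other's from their own.
        return {"released": False, "reason": "query set too small"}
    if n > total - MIN_SET:
        # The records left out form a small set, so the complement has to
        # satisfy the same minimum size as the query set itself.
        return {"released": False, "reason": "complement too small"}
    return {"released": True, "average": avg}
```

A size restriction alone does not stop inference from combining several permitted, overlapping queries, so it is normally paired with logging and review of the queries each user runs.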
Backup Controls in the flat-file Environment
▸ The backup technique employed will
depend on the media and the file structure.
▸ The grandparent-parent-child (GPC) backup technique is used in sequential
file batch systems. The backup procedure:
○ Current master file (parent) is processed against the
transaction file to produce a new updated master
file (child).
○ For the next batch of transactions, the child becomes the
current master file (parent) and the original parent
becomes the backup file (grandparent).
▸ Data values are changed in place through a
process called destructive replacement.
▸ As an added safeguard, backup files
created should be stored off-site in a secure
location.
Grandparent-parent-child
approach
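The GPC rotation and the recovery it makes possible, as an added example that is not part of the original slides. The account numbers, amounts, the GpcStore class and the use of a SHA-256 digest to compare master files are assumptions made for illustration.

```python
import hashlib
import json
from collections import deque

def apply_batch(master, transactions):
    """Sequential batch update: old master + transaction file -> new master."""
    new = dict(master)              # the parent is read, never overwritten
    for account, amount in transactions:
        new[account] = new.get(account, 0) + amount
    return dict(sorted(new.items()))

def digest(master):
    """Fingerprint of a master file, used to compare a rebuild with the original."""
    return hashlib.sha256(json.dumps(master, sort_keys=True).encode()).hexdigest()

class GpcStore:
    """Keeps the last `depth` generations plus the transaction file behind each."""

    def __init__(self, opening_master, depth=3):
        self.generations = deque(
            [{"master": opening_master, "txns": None}], maxlen=depth)

    def run_batch(self, transactions):
        # The newest generation is the parent; the result is the child.
        # Appending pushes the oldest generation out once `depth` is reached.
        child = apply_batch(self.generations[-1]["master"], transactions)
        self.generations.append({"master": child, "txns": list(transactions)})
        return child

    def rebuild_current(self):
        """Recreate a lost current master from the oldest retained generation
        by replaying every retained transaction file in order."""
        master = self.generations[0]["master"]
        for gen in list(self.generations)[1:]:
            if gen["txns"] is None:
                raise RuntimeError("transaction file not retained; cannot rebuild")
            master = apply_batch(master, gen["txns"])
        return master
```

The rebuild fails as soon as one transaction file in the chain is missing, which is why the audit procedure checks that transaction files are retained along with the master file generations.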
Audit Procedures for Testing
flat-file backup Controls
▸ Verify that backup controls in place are
effective.
▸ Select a sample of systems and determine
from the system documentation that the
number of GPC backup files specified for
each system is adequate.
▸ Verify through physical observation that
transaction files used to reconstruct the
master files are also retained.
▸ Select a sample of applications and identify
the direct access files being updated in
each system.
▸ Verify the existence and adequacy of off-
Backup of direct access files
Backup Controls in the
Database Environment
▸ Since data sharing is a fundamental
objective of the database approach, the
environment is vulnerable to damage
from individual users.
▸ Four needed backup and recovery
features:
○ Backup feature makes a periodic backup of entire
database which is stored in a secure, remote
location.
○ Transaction log provides an audit trail of all
processed transactions.
○ Checkpoint facility suspends all processing while
system reconciles transaction log and database
change log against the database.
Backup of Direct Access Files
Audit Procedures for Testing Database
backup Controls