Deliverables
- A Request for Proposal (RFP), about 10 to 12 pages, in the form of a double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. There is no penalty for using additional pages. Include a minimum of six references. Include a reference list with the report.
- I will provide the lab document.
Database Security Assessment
You are a contracting officer's technical representative, a security system engineer, at a military hospital. Your department's leaders are adopting a new medical health care database management system. And they've tasked you to create a request for proposal for which different vendors will compete to build and provide to the hospital.
A request for proposal, or RFP, is when an organization sends out a request for estimates on performing a function, delivering a technology, or providing a service or augmenting staff. RFPs are tailored to each endeavor but have common components and are important in the world of IT contracting and for procurement and acquisitions.
To complete the RFP, you must determine the technical and security specifications for the system. You'll write the requirements for the overall system and provide evaluation standards that will be used in rating the vendor's performance. Your learning will help you determine your system's requirements.
As you discover methods of attack, you'll write prevention and remediation requirements for the vendor to perform. You must identify the different vulnerabilities the database should be hardened against.
Project 5 Resources:
Deliverables
· A Request for Proposal (RFP), about 10 to 12 pages, in the form of a double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations. There is no penalty for using additional pages. Include a minimum of six references. Include a reference list with the report.
· I will provide the lab document.
Database Security Assessment
You are a contracting officer's technical representative, a security system engineer, at a military hospital. Your department's leaders are adopting a new medical health care database management system. And they've tasked you to create a request for proposal for which different vendors will compete to build and provide to the hospital.
A request for proposal, or RFP, is when an organization sends out a request for estimates on performing a function, delivering a technology, or providing a service or augmenting staff. RFPs are tailored to each endeavor but have common components and are important in the world of IT contracting and for procurement and acquisitions.
To complete the RFP, you must determine the technical and security specifications for the system. You'll write the requirements for the overall system and provide evaluation standards that will be used in rating the vendor's performance. Your learning will help you determine your system's requirements.
As you discover methods of attack, you'll write prevention and remediation requirements for the vendor to perform. You must identify the different vulnerabilities the database should be hardened against.
Modern health care systems incorporate databases for effective and efficient management of patient health care. Databases are vulnerable to cyberattacks and must be designed and built with security controls from the beginning of the life cycle.
Although hardening the database early in the life cycle is better, security is often incorporated after deployment, forcing hospital and health care IT professionals to play catch-up. Database security requirements should be defined at the requirements stage of acquisition and procurement.
System security engineers and other acquisition personnel can effectively assist vendors in building better health care database systems by specifying security requirements up front within the request for proposal (RFP). In this project, you will be developing an RFP for a new medical health care database management system.
Parts of your deliverables will be developed through your learning lab. You will submit the following deliverables for this project:
Step 1: Provide an Overview for Vendors
As the contracting officer's technical representative (COTR), you are the liaison between your hospital and potential vendors. It is your duty to provide vendors with an overview of your organization. To do so, identify information about your hospital and conduct independent research on hospital database management. Think about the hospital's different organizational needs: which departments or individuals will use the database, and for what purposes? Read the following resource on the security concerns common to all RDBMSs.
Security Concerns Common to All RDBMSs
A relational database management system (RDBMS) is used to organize and manage data tables by using keys in a way that all the data can be accessed without reorganization. The keys represent attributes and uniquely identify rows in a table.
According to Trivedi, Zavarsky, and Butakov (2016), although "many prominent relational database management systems provide inbuilt security controls and mechanisms, the information resided in the data-store are at great risk." Several features, including authentication, roles and access management, ownership and user schema management, authorization and permissions on objects, and encryption, are implemented to mitigate security concerns and reduce the chances of unauthorized access.
References
Trivedi, D., Zavarsky, P., & Butakov, S. (2016). Enhancing relational database security by metadata segregation. ScienceDirect, 94. http://ac.els-cdn.com/S1877050916318208/1-s2.0-S1877050916318208-main.pdf?_tid=480c35ae-a161-11e6-a664-00000aab0f01&acdnat=1478135167_7bd287eb942d2056a92b63c754097bcf
Provide an overview of the types of data that may be stored in the system and the importance of keeping this data secure. Include this information in the RFP.
After the overview is complete, move to the next step to provide context for the vendors with an overview of their needs.
Step 2: Provide Context for the Work
Now that you have provided vendors with an overview of your hospital's needs, you will provide the vendors with a context for the work needed.
Since you are familiar with the application and implementation, give guidance to the vendors by explaining the attributes of the database and by describing the environment in which it will operate. Details are important for the vendors to provide optimal services.
It is important to understand the vulnerabilities of a relational database management system (RDBMS). Read the following resources about RDBMSs.
Error Handling and Information Leakage
Applications must handle errors properly to avoid leakage of sensitive information that can expose them to attack. According to the Open Web Application Security Project (OWASP):
Motivated attackers like to see error messages as they might leak information that leads to further attacks, or may leak privacy-related information. Web application error handling is rarely robust enough to survive a penetration test.
Applications should always fail-safe. If an application fails to an unknown state, it is likely that an attacker may be able to exploit this indeterminate state to access unauthorized functionality, or worse create, modify or destroy data.
Applications must therefore fail safe, debug errors, handle exceptions, and check function return values for errors (OWASP, 2015).
References
Open Web Application Security Project (OWASP). (2015). Error handling, auditing, and logging. https://www.owasp.org/index.php/Error_Handling,_Auditing_and_Logging#Error_Handling
Insecure Handling
Insecure handling of data can harm its quality, confidentiality, and integrity or even cause complete destruction. The potential issues include insecure indexing of web content and external threats, such as malware. According to the Web Application Security Consortium (2010):
Insecure Indexing is a threat to the data confidentiality of the web-site. Indexing web-site contents via a process that has access to files which are not supposed to be publicly accessible has the potential of leaking information about the existence of such files, and about their content. In the process of indexing, such information is collected and stored by the indexing process, which can later be retrieved (albeit not trivially) by a determined attacker, typically through a series of queries to the search engine. The attacker does not thwart the security model of the search engine. As such, this attack is subtle and very hard to detect and to foil—it's not easy to distinguish the attacker's queries from a legitimate user's queries. (p. 151)
Malicious code, or malware, is program code intended to access and compromise secure data. Guidelines from the National Institute of Standards and Technology (Souppaya & Scarfone, 2013) discuss how several organizations implement systems to ensure secure handling of data by monitoring access requests:
The security checking is often done through network access control software by placing on each host an agent that monitors various characteristics of the host, such as OS patches and antivirus updates. When the host attempts to connect to the network, a network device such as a router requests information from the host's agent. If the host does not respond to the request or the response indicates that the host is insecure, the network device causes the host to be placed onto a separate VLAN. (p. 28)
References
Souppaya, M., & Scarfone, K. (2013). Guide to malware incident prevention and handling for desktops and laptops: Special Publication 800-83, Revision 1. National Institute of Standards and Technology. http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-83r1.pdf
Web Application Security Consortium. (2010). WASC threat classification. http://projects.webappsec.org/f/WASC-TC-v2_0.pdf
Cross-Site Scripting (XSS/CSRF) Flaws
Cross-site scripting (XSS) refers to the injection of malicious scripts into trusted websites. XSS enables attackers to inject client-side script into web pages viewed by other users. For example, imagine a victim is using a web application (e.g., email or an e-commerce site) and is currently logged in to the account. If malicious code is present while the victim is logged in, that code sends the session information to the attacker's email account. The attacker can then tap into the user's session and log in while the victim is still using the application. This is an example of session hijacking using XSS.
Because XSS flaws are common in current web applications, attackers use them to gain unauthorized access to sensitive data.
SQL Injections
SQL injection attacks are a type of injection attack in which SQL commands are placed into data input forms in order to change the execution of the application's predefined SQL statements (OWASP, 2022). As a common attack vector, it uses malicious SQL code, delivered through a code injection technique, to obtain unauthorized access to sensitive data in a database. In other words, the injection can make it possible to execute malicious SQL statements that control the database server behind a web application. It is the most common web hacking technique employed by attackers, and it results from vulnerabilities in how SQL statements are constructed. As a web security vulnerability, it enables an attacker to interfere with the queries that an application makes to its database. According to OWASP, the main consequences of SQL injection are its effects on confidentiality, authentication, authorization, and integrity: a successful attack can lead to unauthorized access to sensitive data such as personally identifiable information, passwords, and credit card details. Typical examples include retrieving hidden data or subverting application logic. The risks of SQL injection can be mitigated or minimized by defense mechanisms and controls such as input validation, stored procedures, the principle of least privilege, and secure application development practices.
References
OWASP. (2022). SQL injection. https://owasp.org/www-community/attacks/SQL_Injection
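To make the SQL injection and error-leakage concerns above concrete, here is an added example (not part of the course text) that writes one patient lookup two ways against a constructed in-memory SQLite table: the first splices user input into the SQL and hands driver errors back to the caller, the second binds the value as a parameter and fails safe with a generic result while the detail goes only to the server log. The table, columns, medical record numbers (MRNs) and names are assumptions made for the demonstration.

```python
"""Added example (not from the course text): a patient lookup written two ways
against a constructed in-memory SQLite table. Table, columns, MRNs and names
are assumptions made for the demonstration."""
import logging
import sqlite3

LOG = logging.getLogger("patient_lookup")


def build_db() -> sqlite3.Connection:
    """Constructed sample data: two records, one flagged as restricted."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE patients (mrn TEXT PRIMARY KEY, name TEXT, restricted INTEGER)"
    )
    conn.executemany(
        "INSERT INTO patients VALUES (?, ?, ?)",
        [("MRN-0001", "Sample Patient A", 0), ("MRN-0002", "Sample Patient B", 1)],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, mrn: str):
    """Vulnerable on both counts: the input becomes SQL text, and the raw driver
    error (including the statement) is returned to whoever sent the request."""
    sql = (
        "SELECT mrn, name FROM patients WHERE restricted = 0 AND mrn = '"
        + mrn + "' ORDER BY mrn"
    )
    try:
        return conn.execute(sql).fetchall()
    except sqlite3.Error as exc:
        return f"database error: {exc} while running: {sql}"  # leaks schema and query


def lookup_hardened(conn: sqlite3.Connection, mrn: str) -> tuple[bool, list]:
    """Hardened: the value is bound as a parameter so it can never alter the
    statement, and any failure fails safe: (False, []) goes to the caller,
    the exception detail only to the server-side log."""
    try:
        cur = conn.execute(
            "SELECT mrn, name FROM patients WHERE restricted = 0 AND mrn = ? "
            "ORDER BY mrn",
            (mrn,),
        )
        return True, cur.fetchall()
    except sqlite3.Error:
        LOG.exception("patient lookup failed")  # full traceback stays on the server
        return False, []


def demo() -> dict:
    """Runs both versions over a legitimate MRN, an input containing an
    apostrophe, and the textbook tautology from introductory SQL injection
    material, so the difference in behaviour can be compared directly."""
    conn = build_db()
    inputs = {
        "normal": "MRN-0001",
        "apostrophe": "O'Neil",       # legitimate data that breaks the spliced SQL
        "tautology": "x' OR '1'='1",  # textbook input, used only to show the fix
    }
    return {
        name: {"vulnerable": lookup_vulnerable(conn, value),
               "hardened": lookup_hardened(conn, value)}
        for name, value in inputs.items()
    }
```

With the vulnerable version the tautology returns every row, restricted record included, and the apostrophe produces an error message that exposes the statement; the hardened version returns only the matching record for the legitimate MRN and an empty result for the other two inputs.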
Insecure Configuration Management
Insecure configuration management refers to security problems that arise due to improper configuration of servers, which provide content and invoke applications.
According to the Open Web Application Security Project (OWASP), examples of server configuration issues include (OWASP, 2015):
· unpatched security flaws in the server software
· server software flaws or misconfigurations
· unnecessary default, backup, or sample files
· improper file and directory permissions
· unnecessary services enabled
· default accounts with their default passwords
· administrative or debugging functions that are enabled or accessible
· overly informative error messages
· misconfigured SSL (Secure Sockets Layer) certificates and encryption settings
· use of self-signed certificates to achieve authentication and man-in-the-middle protection
· use of default certificates
· improper authentication with external systems
References
Open Web Application Security Project (OWASP). (2015). Insecure configuration management. https://www.owasp.org/index.php/Insecure_Configuration_Management
Authentication (with a focus on broken authentication)
Authentication is the process by which credentials are presented and validated to enable access. There are a number of different methods of authentication. Passwords are the most common type of authentication and are usually coupled with user identification (user IDs). Tokens and certificates are often used in place of passwords to provide a higher level of security. Tokens can contain unique identifiers (e.g., digital signatures or keys). Tokens can also store biometric data—for example, fingerprints.
Authentication factors can be combined in several ways, and higher levels of security are generally associated with more factors (multifactor authentication). For example, two-factor authentication might combine a token and a password. Kerberos is an authentication protocol made up of two components: a ticket (distributed by a service) for user authentication and a key derived from the user's password. Another authentication scheme is the Challenge-Handshake Authentication Protocol (CHAP), which uses a representation (hash) of the user's password to authenticate.
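The CHAP exchange mentioned above, written out for both sides as an added example (not part of the course text): the peer proves it knows the shared secret by returning the RFC 1994 hash MD5(identifier || secret || challenge), so the secret never crosses the wire and a fresh challenge makes each response single-use. The peer name and the secret are constructed for the demonstration.

```python
"""Added example (not from the course text): the CHAP exchange from RFC 1994
as seen by the authenticator (server) and the peer (client). The peer name
and secret are constructed."""
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 section 4.1: one-way hash over Identifier, secret, challenge value."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """Server side: holds per-peer secrets, issues challenges, checks responses."""

    def __init__(self, secrets: dict[str, bytes]) -> None:
        # Caveat: CHAP needs the secret in recoverable form on the server,
        # unlike a salted password hash, so this store must be protected.
        self._secrets = secrets
        self._pending: dict[str, tuple[int, bytes]] = {}

    def challenge(self, peer_name: str) -> tuple[int, bytes]:
        """Challenge packet: an 8-bit Identifier plus an unpredictable Value."""
        ident = os.urandom(1)[0]
        value = os.urandom(16)
        self._pending[peer_name] = (ident, value)
        return ident, value

    def verify(self, peer_name: str, ident: int, response: bytes) -> bool:
        """Success only if a challenge is outstanding for this peer, the
        Identifier matches, and the hash matches. The challenge is consumed
        either way, so a captured response cannot be presented twice."""
        pending = self._pending.pop(peer_name, None)
        secret = self._secrets.get(peer_name)
        if pending is None or secret is None or pending[0] != ident:
            return False
        expected = chap_response(ident, secret, pending[1])
        return hmac.compare_digest(expected, response)


class Peer:
    """Client side: knows only its own name and secret."""

    def __init__(self, name: str, secret: bytes) -> None:
        self.name = name
        self._secret = secret

    def respond(self, ident: int, challenge: bytes) -> bytes:
        return chap_response(ident, self._secret, challenge)


SHARED_SECRET = b"constructed-demo-secret"  # constructed, not a real credential


def run_exchange(peer_secret: bytes) -> bool:
    """One full Challenge / Response / Success-or-Failure round."""
    auth = Authenticator({"ward-terminal-07": SHARED_SECRET})
    peer = Peer("ward-terminal-07", peer_secret)
    ident, value = auth.challenge(peer.name)
    return auth.verify(peer.name, ident, peer.respond(ident, value))


def replay_is_rejected() -> bool:
    """A response captured from a genuine round fails when presented again."""
    auth = Authenticator({"ward-terminal-07": SHARED_SECRET})
    peer = Peer("ward-terminal-07", SHARED_SECRET)
    ident, value = auth.challenge(peer.name)
    captured = peer.respond(ident, value)
    first = auth.verify(peer.name, ident, captured)
    second = auth.verify(peer.name, ident, captured)
    return first and not second
```

Two caveats worth carrying into the RFP: CHAP relies on MD5 and requires the authenticator to keep the secret in recoverable form, so it is a legacy scheme, and a requirement should ask for a stronger mechanism such as certificate- or token-based multifactor authentication.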
Access Control
Access control is the process by which permissions are granted for given resources. Access control can be physical (e.g., locked doors accessed using various control methods) or logical (e.g., electronic keys or credentials). There are several access control models, including:
· Role-based access control: Access is granted based on individual roles.
· Mandatory access control: Access is granted by comparing data sensitivity levels with user sensitivity access permissions.
· Attribute-based access control: Access is granted based on assigned attributes.
· Discretionary access control: Access is granted based on the identity and/or group membership of the user.
The access control model used is determined based on the needs of the organization. To determine the best model, a risk assessment should be performed to determine what threats might be applicable. This information is then used to assess which model can best protect against the threats.
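As an added example (not part of the course text), the following deny-by-default policy check layers two of the models listed above, role-based access control (what a role may do) and mandatory access control (a user may not access records labelled above their clearance), and records every decision for accountability. Roles, sensitivity levels, users and records are all constructed for the demonstration.

```python
"""Added example (not from the course text): a policy engine that applies a
role-based check and then a mandatory (clearance versus label) check to
hospital records. All roles, labels, users and records are constructed."""
from dataclasses import dataclass, field

# Ordered sensitivity labels used by the mandatory check (constructed).
LEVELS = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}

# Role-based layer: the actions each role is permitted (constructed).
ROLE_PERMISSIONS = {
    "nurse": {"read"},
    "physician": {"read", "write"},
    "emergency_responder": {"read"},
    "dba": {"backup"},  # operates the database but gets no clinical read
}


@dataclass(frozen=True)
class User:
    name: str
    role: str
    clearance: str  # one of LEVELS


@dataclass(frozen=True)
class Record:
    record_id: str
    sensitivity: str  # one of LEVELS


@dataclass
class PolicyEngine:
    audit: list = field(default_factory=list)

    def decide(self, user: User, record: Record, action: str) -> bool:
        """Returns True only if both layers allow the action."""
        allowed, reason = self._evaluate(user, record, action)
        # Accountability: every decision, allowed or denied, is logged with its reason.
        self.audit.append((user.name, action, record.record_id, allowed, reason))
        return allowed

    @staticmethod
    def _evaluate(user: User, record: Record, action: str) -> tuple[bool, str]:
        # 1. Role-based layer: unknown roles and unlisted actions are denied.
        if action not in ROLE_PERMISSIONS.get(user.role, set()):
            return False, f"role {user.role!r} is not permitted to {action!r}"
        # 2. Mandatory layer: the user's clearance must dominate the data label.
        if user.clearance not in LEVELS or record.sensitivity not in LEVELS:
            return False, "unknown sensitivity label"
        if LEVELS[user.clearance] < LEVELS[record.sensitivity]:
            return False, "clearance below record sensitivity"
        return True, "allowed"
```

Note that the database administrator role is denied a clinical read even with the highest clearance, because the role layer never granted it: this is the least-privilege outcome the RFP should require of the vendor's design.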
Describe the security concepts and concerns for databases.
Identify at least three security assurance and security functional requirements for the database that contain information for medical personnel and emergency responders.
Include this information in the RFP.
In the next step, you will provide security standards for the vendors.
Step 3: Provide Vendor Security Standards
In the previous step, you added context for the needed work. Now, provide a set of internationally recognized standards that competing vendors will incorporate into the database. These standards will also serve as a checklist to measure security performance and security processes.
Read the following resources to prepare:
Hierarchical Model
The hierarchical database model defines data in a hierarchically arranged order. This model can be pictured as a relationship based on a binary tree, where a single table acts as the "root" of the database from which other tables "branch" out. Relationships in this type of system are thought of in terms of parent and child nodes, such that a child may only have one parent, but a parent can have multiple children. This is referred to as a one-to-many relationship. Pointers link parent and child nodes: a parent holds a list of pointers, so it knows where each of its children is located. The main issue with the hierarchical model is that the user must have prior knowledge of how the database is structured in order to understand where components map. The hierarchical model is more efficient than the flat-file model because it eliminates some redundant data. The hierarchical database model suffers from two primary drawbacks:
1. A record cannot be added to a child table until it has already been incorporated into the parent table.
2. Redundancy still occurs because hierarchical databases handle one-to-many relationships well, but do not handle many-to-many relationships well because a child may only have one parent. In many cases, the child should be related to more than one parent.
Network Model
Network databases were created to remediate some of the inefficiencies in the hierarchical model. Network databases are based on mathematical concepts introduced by set theory to create the database structure, allowing for many-to-many relationships to exist, where children can have multiple parents and parents can have multiple children.
Relational Model
A relational database comprises a collection of tables, each of which holds data in tuples and fields. In the relational database model, tables are related to one another by using "keys." Each table has a primary key, which uniquely identifies each record, so that no record can be recorded twice under the same primary key value, eliminating duplicate records. When two tables are related to one another, they share a field called a foreign key, and the values in each of the tables will be the same. In some instances a primary key can also be a foreign key. This interlinking of data provides a more efficient way to store and retrieve data.
Object-Oriented Model
Object-oriented databases or object database management systems store information as objects rather than data such as integers, strings, or real numbers. Objects contain both executable code and data.
In object-oriented programming, classes are used to define the data and methods the object will contain. The class is like a template to the object and is used to create instances of the object. The class does not itself contain data or methods but defines the data and methods contained in the object.
References
The Computer Technology Documentation Project. (n.d.). Object oriented databases. http://www.comptechdoc.org/independent/database/basicdb/dataobject.html
In-Memory Model
In-memory databases can provide a significant performance advantage over disk-oriented databases because they avoid disk input/output (I/O) and because their storage managers are built and optimized for complete memory residency. These systems rely on main memory as the storage mechanism, which optimizes search capabilities by eliminating "seek time" when retrieving, querying, and getting datasets. Many of these systems use NoSQL, a language similar to SQL, but NoSQL does not rely on the tabular models of traditional relational database systems. These methods are emerging, but include columnar, document, key-value, graph, and multi-model databases. In-memory databases and NoSQL can be combined to create powerful database systems, scaling to large size and clustering over multiple nodes. Large web-based services such as Google Search, Facebook, and Amazon use NoSQL for massive processing.
References
Belzer, J., Holzman, A. G., & Kent, A. (1980). Encyclopedia of computer science and technology: Volume 14 – very large data base systems to zero-memory and Markov information source. New York, NY: Marcel Dekker.
IEEE Computer Society. (2013, June). Data engineering bulletin, special issue on main-memory database systems. http://sites.computer.org/debull/A13june/issue1.htm
Lahiri, T., Neimat, M-A., & Folkman, S. (2013). Oracle TimesTen: An in-memory database for enterprise applications. http://sites.computer.org/debull/A13june/p6.pdf
Strauch, C. (2012). NoSQL databases. http://www.christof-strauch.de/nosqldbs.pdf
Common Criteria (CC) for Information Technology Security Evaluation
The Common Criteria for Information Technology Security Evaluation is a framework or set of standards to evaluate the security of computer systems. According to the United States Computer Emergency Readiness Team, the Common Criteria were developed by the United States, Canada, France, Germany, the Netherlands, and the United Kingdom (US-CERT, 2013):
This effort built on earlier standards, including Europe's Information Technology Security Evaluation Criteria (ITSEC), the United States' Trusted Computer System Evaluation Criteria (TCSEC), and the Canadian Trusted Computer Product Evaluation Criteria (CTCPEC) (Caplan & Sanders, 1999). The CC is an international standard (ISO/IEC 15408) for computer security. A Common Criteria evaluation allows an objective evaluation to validate that a particular product satisfies a defined set of security requirements.
Though CC focuses on evaluation of systems, it is also useful for the development of security requirements. Seven Common Criteria evaluation assurance levels (EALs) have been defined to indicate the different levels of security functional requirements.
References
Caplan, K., & Sanders, J. (1999). Building an international security standard. IT Professional, 1(2), 29–34. doi:10.1109/6294.774938
United States Computer Emergency Readiness Team (US-CERT). (2013). The common criteria. The United States Computer Emergency Readiness Team. https://www.us-cert.gov/bsi/articles/best-practices/requirements-engineering/the-common-criteria
Evaluation Assurance Levels (EALs)
Evaluation assurance levels (EALs) refer to levels of functional and assurance security requirements defined under the Common Criteria. According to the United States Computer Emergency Readiness Team (US-CERT), the seven EALs are (Mead, 2013):
· EAL1: functionally tested
· EAL2: structurally tested
· EAL3: methodically tested and checked
· EAL4: methodically designed, tested, and reviewed
· EAL5: semiformally designed and tested
· EAL6: semiformally verified design and tested
· EAL7: formally verified design and tested
As the names suggest, the higher-level EALs are more robust and are used for high-risk and high-value assets.
References
Mead, N. (2013). The Common Criteria. https://www.us-cert.gov/bsi/articles/best-practices/requirements-engineering/the-common-criteria
Continuity of Service
Continuity of service is an important part of businesses so that they can mitigate disruptions and disasters. The Ready Business Campaign, created by the Department of Homeland Security (DHS) and the Federal Emergency Management Agency (FEMA), emphasizes the importance of plans for continuity of service (Ready Business Campaign, n.d.):
When business is disrupted, it can cost money. Lost revenues, plus extra expenses, means reduced profits. Insurance does not cover all costs and cannot replace customers that defect to the competition. A business continuity plan to continue business is essential.
The campaign also outlines four key steps for business continuity:
1. conduct a business impact analysis to identify critical functions and processes
2. identify and document resources to recover critical business functions and processes
3. organize a business continuity team and compile a business continuity plan
4. conduct training and testing for the business continuity team
References
Ready Business Campaign. (n.d.). Business continuity plan. https://www.ready.gov/business/implementation/continuity
Address the concepts and issues with respect to disasters and disaster recovery, mission continuity, threats, and cyberattacks.
Threats
Mobile devices and their users face many threats. In a number of cases, the device itself is compromised with malware before the end user even purchases it. Threats to mobile devices are extensive and cover all aspects, from the user to the application software, hardware, and operating system.
The device itself can become compromised through malware delivered via application installations that are often downloaded for "free." These applications may send SMS (short message service or text) messages that charge the user's service provider for messages the user did not intend to send. Mobile application malware may also attempt to steal bank account credentials.
Network attacks are also common where "evil twin" or rogue wireless access points are positioned to trick the device or the end user into connecting, often unknowingly, to a network that is not secure.
Malware has been found that may take control of a user's mobile device microphone or camera, causing a breach in user privacy. GPS and location services on a mobile device are also often leveraged to invade a user's privacy or deliver malicious attacks.
References
Ayers, R., Brothers, S., & Jansen, W. (2014). Guidelines on mobile device forensics (Special Publication 800-101, Revision 1). National Institute of Standards and Technology. US Department of Commerce. http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-101r1.pdf
Kirk, J. (2014, March 5). New Android devices infected with pre-installed malware. http://www.tripwire.com/state-of-security/latest-security-news/new-android-devices-infected-pre-installed-malware/
Include these security standards in the RFP.
In the next step, you will describe defense models for the RFP.
Step 4: Describe Defense Models
Now that you have established security standards for the RFP, you will define the use of defense models. This information is important since the networking environment will have numerous users with different levels of access.
Provide requirements in the RFP for the vendor to state its overall strategy for defensive principles, and explain the importance of understanding these principles. To further your understanding, read the following resource on defensive principles.
Defensive Principles
Defensive principles refer to the principles/policies implemented for security design. According to Cisco, the key principles are defense-in-depth, compartmentalization, least privilege, weakest link, separation and rotation of duties, hierarchically trusted components and protection, mediated access, accountability, and traceability (Cisco, n.d.).
The most commonly used principle is defense-in-depth, where several security features are layered over each other in order to protect a system. This helps to "manage risk with diverse defensive strategies, so that if one layer of defense turns out to be inadequate, another layer of defense will hopefully prevent a full breach" (McGraw, 2013).
References
Cisco. (n.d.). Principles of secure network design. http://www.learncisco.net/courses/iins/common-security-threats/security-architecture-design-guidelines.html
McGraw, G. (2013). Thirteen principles to ensure enterprise system security. TechTarget. http://searchsecurity.techtarget.com/opinion/Thirteen-principles-to-ensure-enterprise-system-security
Read these resources on the enclave computing environment:
Enclave/Computing Environment
An enclave is a segment of the network that is separated from the rest of the network so that access to, and sharing of, confidential data is restricted. According to Mikkelsen and Jacobsen (2016):
The main principle relies upon the concept of a protected memory container, also referred to as an enclave. The enclave can be created through application code, where sensitive data are explicitly marked. When the application is executed, a sensitive part of the application's memory space is encapsulated within an enclave. (p. 218)
Enclaves do not interact with the other parts of the network, so the enclave computing environment promotes security and integrity of data and reduces threats.
References
Mikkelsen, S. A., & Jacobsen, R. H. (2016). Securing the home energy management platform. http://cdn.intechopen.com/pdfs-wm/50458.pdf
Cyber Operations in DoD Policy and Plans
The Department of Defense (DoD), in conjunction with other government agencies, creates policies and plans for operating in cyberspace and "focuses on building capabilities for effective cybersecurity and cyber operations to defend DoD networks, systems, and information; defend the nation against cyberattacks of significant consequence; and support operational and contingency plans" (DoD, 2015).
Consequently, DoD has set five strategic goals for cyberspace missions (DoD, 2015):
1. Build and maintain ready forces and capabilities to conduct cyberspace operations
2. Defend the DoD information network, secure DoD data, and mitigate risks to DoD missions
3. Be prepared to defend the US homeland and US vital interests from disruptive or destructive cyberattacks of significant consequence
4. Build and maintain viable cyber options and plan to use those options to control conflict escalation and to shape the conflict