Monday, October 23, 2017

Biometrics access control


The operations of a biometric system depend heavily on the input devices that are subjected to operational limitations. At times, the devices themselves may fail to capture the necessary input samples. They may not capture the sample sufficiently. This makes the system unreliable and vulnerable.

The more vulnerable a biometric system is, the more insecure it is.

Biometric System Vulnerability

There are two major causes of biometric system vulnerability −

System Failures

There are two ways in which a biometric system can fail to work −

Intrinsic failures − They are failures such as non-working sensors, failure of feature extraction, matching, or decision making modules, etc.

Failures due to attacks − They are due to loopholes in the biometric system design, availability of any computations to the attackers, insider attacks from unethical system administrators, etc.

Non-secure Infrastructure

The biometric system can be accessible to malicious users if its hardware, software, and user data are not safeguarded.

Risks with Biometric System Security

The security of a biometric system is important because biometric data is not easy to revoke or replace. The following are the prominent risks to the security of biometric systems −

Risk of User Data Being Stolen

If the biometric system is vulnerable, the hacker can breach the security of it and collect the user data recorded in the database. It creates more hazards to privacy.

Risk of User Data Getting Compromised

After acquiring the biometric sample, the hacker can present a fake sample to the system. If user data is compromised, it remains compromised forever. The obvious reason is that a user has only a limited number of biometrics and they are difficult to replace, unlike passwords or ID cards.

Though biometric data is encrypted and stored, it needs to be decrypted for matching purpose. At the time of matching a hacker may breach the security.


Biometric System Security

A number of solutions are proposed to address the biometric system security issue. Biometric templates are never stored in the raw form. They are encrypted; sometimes even twice.

In the case of biometrics, there are various resources involved such as humans (subjects or candidates), entities (system components or processes), and biometric data (information). The security requirements of confidentiality, integrity, authenticity, non-repudiation, and availability are essential in biometrics. Let us go through them briefly −

Authenticity

It is the quality or the state of being pure, genuine, or original, rather than being reproduced. Information is authentic when it is in the same state and quality as when it was created, stored, or transferred.

There are two authenticities in a biometric system − entity authenticity and data origin authenticity. Entity authenticity confirms that all entities involved in the overall processing are the ones they claim to be. Data origin authenticity ensures genuineness and originality of data. For example, biometric data is captured with sensor devices; data origin authenticity means the captured data came from a genuine sensor and was not spoofed from a previous recording.

Confidentiality

It is limiting information access and disclosure to authorized users and preventing access by or disclosure to unauthorized people. In cases of a biometric system, it mainly refers to biometric and related authentication information when it is captured and stored, which needs to be kept secret from unauthorized entities.

The biometric information should be completely accessible only to the person it belongs to. During identification and verification, the accessing candidate needs to be restricted with appropriate security measures.

Integrity

It is the condition of being complete and unaltered, and refers to consistency, accuracy, and correctness. For a biometric system, the integrity should be high. Any malicious manipulation during operation and storage should be prevented, or detected as early as possible, with notification and correction.

Non-repudiation

It is identification of involved resources such as entities and components. It is also seen as accountability. For example, it prohibits a sender or a recipient of biometric information from denying having sent or received biometric information.

Availability

A resource has the property of availability with respect to a set of entities if all members of the set can access the resource. An aspect called reachability ensures that the humans or system processes either can or cannot be contacted, depending on user interests.

Attackers can make the system unusable for genuine users, thus preventing them from using authenticated applications. These attackers target the availability of the information.

Sunday, October 22, 2017

Secure your information with ISO 27001



What is ISO 27001?


ISO 27001 (formally known as ISO/IEC 27001:2005) is a specification for an information security management system (ISMS). An ISMS is a framework of policies and procedures that includes all legal, physical and technical controls involved in an organisation's information risk management processes.

The specification includes details for documentation, management responsibility, internal audits, continual improvement, and corrective and preventive action. The standard requires cooperation among all sections of an organisation.

ISO 27002 contains 12 main sections:

1. Risk assessment
2. Security policy
3. Organization of information security
4. Asset management
5. Human resources security
6. Physical and environmental security
7. Communications and operations management
8. Access control
9. Information systems acquisition, development and maintenance
10. Information security incident management
11. Business continuity management
12. Compliance

Benefits of ISO 27001:2013

Protecting your organisation’s information is critical for the successful management and smooth operation of your organisation. Achieving ISO 27001 will aid your organisation in managing and protecting your valuable data and information assets.

By achieving certification to ISO 27001 your organisation will be able to reap numerous and consistent benefits including:


  • Keeps confidential information secure
  • Provides customers and stakeholders with confidence in how you manage risk
  • Allows for secure exchange of information
  • Helps you to comply with other regulations (e.g. SOX)
  • Provides you with a competitive advantage
  • Enhanced customer satisfaction that improves client retention
  • Consistency in the delivery of your service or product
  • Manages and minimises risk exposure
  • Builds a culture of security
  • Protects the company, assets, shareholders and directors

Friday, October 20, 2017

Security in social media


What Is Social Media Security?


Social media security is the process of analyzing dynamic social media data in order to protect against security and business threats.

Every industry faces a unique set of risks on social, many of which have put organizations in the press or at the center of controversy. Whether it’s blocking targeted phishing attacks, protecting corporate accounts from compromise, fighting fraud or defending against scams and impersonating accounts, social media security is critical for modern business success.

The scale of social media


With 2 billion people on social media worldwide, attacks can spread like any other viral trend. The adversary can use trends, click-bait, and hashtags to broadcast their attack, either to the general population or to a certain group of people. This poses a monumental challenge for security teams to overcome manually.

The trusted nature of social media


Well over one third of people accept unknown friend requests on social media, making it one of the most effective vehicles for gaining the trust of a target. Once an attacker has entered one of their target's trusted social circles, it is much easier to entice the target to click a malicious link or file.

Invisibility to security teams


According to Computerworld, the average American spends over ¼ of their online time on social networks. InfoSec teams have no existing tools in their arsenal to extend their visibility beyond the perimeter into the social media realm, where employees are dangerously vulnerable to compromise.


1. Having Your Identity Stolen


Identity thieves gather personal information from social media sites. Even if you have your account on the highest security settings, there are still ways for an identity thief to get your information. Most social network sites have information that is required, such as email address or birthday. It’s common for an identity thief to hack an email account by using social information. For example, a common technique to get personal information is by clicking on “forgot password” and trying to recover the information through email. Once the thief has access to your email account, they then have access to all information on your social networking sites.

So what can you do to protect yourself? You don’t have to delete all your social profiles or hide from the real world; just take these precautions.

Have a strong password. The stronger your password, the harder it is to guess. Use special characters like symbols and capital letters when creating your password. Also, don’t use “common” passwords, like your birthday or your child’s name.
Be careful with your status updates. Often, we innocently post status updates that would give an identity thief information they need to steal our identity. For example, you may post “Happy birthday to my mother!” and then tag her in the post. Likely, your mother’s maiden name will be associated with that tag now. A popular security question is “What is your mother’s maiden name?” and if you share that online, you run the risks of identity thieves getting the answer to this commonly used question.
Don’t reveal your location. You can use a fake location or make one up from another city and state. You may even be able to leave this information blank. Be cautious and never use a city and state where you live.

2. Getting Your Computer Or Social Profile Hacked


Hackers love social networking, going right to the source to interject malicious code. The codes hackers use can steal your identity, inject viruses to your computer, and obstruct bank account information, to name a few. Shortened URLs, such as those created on bit.ly, are especially susceptible to hackers. Shortened URLs can trick users into visiting harmful sites where personal information can be compromised because the full URL is not seen.

The best advice is to never click on a link until you are sure of the source. To tell if a link is safe, you can:

Hover over the link. If you hover over a link without clicking, you’ll see the full URL in the lower corner of your browser. If this is a website you recognize, go ahead and click.
Try a link scanner. A link scanner is a website that lets you enter the URL of a link you suspect might be suspicious to check for safety. Try URLVoid or MyWOT as possible options.
Check shortened links. A shortened link is popular on sites like Twitter where character length matters. Some shortened link sites include bit.ly, Ow.ly, and TinyURL. Use a service like Sucuri to determine if the real link is secure.

3. Inadvertently Letting Stalkers Find You


When you use social networking sites, you are posting personal information. Once information is posted online, it’s no longer private and can fall into the wrong hands. The more you post, the more vulnerable you become to those who may wish to harm you. Even with the highest security settings, friends, associates, and even the brands you “like” on your networking sites, can inadvertently leak information about you. The websites you subscribe to, the apps you download, and the games you play on social networking sites all contain personal information about you. Every time you browse a website, companies can put invisible markers on your computer called cookies. In theory, no two cookies are alike. When you are online, these cookies track your activity as you move from site to site.

To keep sites from tracking your activity, click on the “Do Not Track” feature. Most websites have an option for you to opt out of tracking. You can also clear the cache and cookies on your browser regularly to help prevent any problems.

4. Letting Burglars Know Your Whereabouts


Telling the online world where you’re going and when you aren’t at home is inviting burglars to your house.  Did you know that a run-of-the-mill burglar can break into your home in less than 60 seconds and spend less than 10 minutes stealing your possessions? By telling the world you are on vacation in Europe, you’re letting potential thieves know where you are, how long you’ll be gone, and where you live. Burglars are fond of constant updates, especially about your travel plans. You wouldn’t stand up in the middle of a crowd and announce you’re going on vacation for a week, would you? Of course not, but that’s what you do when you post your vacation pictures and plans online.

When you go on vacation:

Avoid posting specific travel plans. Never post when, where, or how long you’ll be gone.
Wait until you are home to post pictures to a vacation album.
Use highest privacy control. Only let certain groups, like a family group, view your photos.
Be selective with the status updates. You can use an audience-selector dropdown menu on Facebook to choose certain groups to see your status updates.
Stay offline. You’re on vacation, after all. Relax and forget about the online world for a few days.

5. Becoming Overconfident


One of the biggest threats to online security is overconfidence. Whether at home or at work, many users believe as long as they have a firewall and an antivirus installed, there is no threat to security. Many people also believe that they don’t have anything worth hacking so there’s no need to worry about security. With today’s technology, we are more connected to each other than ever before. When you neglect security, you not only put yourself at risk, but others are at risk as well.

To keep yourself and your information safe, pay careful attention to your online activity. Avoid posting information including:

Travel plans 
Bank account information
Your full address and birthdate
Your children’s names, school, and birthdates
Location information, such as the name of your work place
Your daily schedule

You can still use social networks for all they were meant to accomplish, but you need to take extra precautions to make sure your personal information doesn’t get in the wrong hands. Know what threats you are most vulnerable to and take steps to protect yourself and your networks.

Thursday, October 19, 2017

Ethical Hacking



Information security professionals can take preventive security practices to the next level by learning how to hack.

As opposed to malicious “black hat” hacking, ethical “white hat” hacking (also called penetration testing) involves using computer hacking skills to identify network security vulnerabilities and patch security holes before anyone can abuse them.


Why It’s Important

Learning how to hack helps information security professionals implement the strongest possible security practices. It’s as much about finding and fixing security vulnerabilities as it is anticipating them. As you learn more about the methods hackers use to infiltrate systems, you’ll be able to preemptively resolve issues; if you don’t understand how black hat hackers could get into your systems, you’re going to have a hard time securing them.

Think of it this way: a computer network is like a yard with a fence to keep people out. If you’ve put something valuable inside the yard, someone may want to hop the fence and steal it. Ethical hacking is like regularly checking for vulnerabilities in and around the fence, so you can reinforce weak areas before anyone tries to get in.

What It Involves

Above everything else, successful ethical hacking requires being a master of problem-solving. An understanding of how computer systems and programming languages work is also essential because if you understand how the system works, it’s easier to think of ways to exploit the system.

For example, a website may use a complicated, sturdy JavaScript-based authentication system to prevent spammers from submitting thousands of bogus support emails. An ethical hacking approach to testing may be attempting to disable the JavaScript language in the web browser (a widely available feature) and submitting a support email while ignoring the authentication process. Unless the programmers have designed the site to ignore non-JavaScript enabled systems, the spam email will bypass security. After identifying the security hole, the programmers can make the necessary adjustments.

How to Become an Ethical Hacker


According to PC World, hiring managers look for individuals who have ethical hacking experience and/or degrees in information security and information technology, as well as IT certifications. It’s possible to start your career in ethical hacking or steer your career in the field as your experience grows. Hack training sites such as hackthissite.org can help you sharpen your hacking skills regardless of your experience level.

Tuesday, October 17, 2017

TOR network


What is the TOR network?


Tor is free software for enabling anonymous communication. The name is derived from an acronym for the original software project name "The Onion Router". Tor directs Internet traffic through a free, worldwide, volunteer overlay network consisting of more than seven thousand relays[10] to conceal a user's location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult for Internet activity to be traced back to the user: this includes "visits to Web sites, online posts, instant messages, and other communication forms". Tor's use is intended to protect the personal privacy of users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities from being monitored.

Tor does not prevent an online service from determining when it is being accessed through Tor. Tor protects a user's privacy, but does not hide the fact that Tor is being used. Some websites restrict what is allowed when using Tor. For example, Wikipedia limits the edits that can be made through Tor.


Onion routing is implemented by encryption in the application layer of a communication protocol stack, nested like the layers of an onion. Tor encrypts the data, including the next node destination IP address, multiple times and sends it through a virtual circuit comprising successive, randomly selected Tor relays. Each relay decrypts a layer of encryption to reveal only the next relay in the circuit in order to pass the remaining encrypted data on to it. The final relay decrypts the innermost layer of encryption and sends the original data to its destination without revealing, or even knowing, the source IP address. Because the routing of the communication is partly concealed at every hop in the Tor circuit, this method eliminates any single point at which the communicating peers can be determined through network surveillance that relies upon knowing its source and destination.

Usage 


Tor enables its users to surf the Internet, chat and send instant messages anonymously, and is used by a wide variety of people for both licit and illicit purposes. Tor has, for example, been used by criminal enterprises, hacktivism groups, and law enforcement agencies at cross purposes, sometimes simultaneously; likewise, agencies within the U.S. government variously fund Tor (the U.S. State Department, the National Science Foundation, and – through the Broadcasting Board of Governors, which itself partially funded Tor until October 2012 – Radio Free Asia) and seek to subvert it.

Tor is not meant to completely solve the issue of anonymity on the web. Tor is not designed to completely erase tracks but instead to reduce the likelihood for sites to trace actions and data back to the user.

Tor is also used for illegal activities, e.g., to gain access to censored information, to organize political activities, or to circumvent laws against criticism of heads of state.

Tor has been described by The Economist, in relation to Bitcoin and Silk Road, as being "a dark corner of the web". It has been targeted by the American National Security Agency and the British GCHQ signals intelligence agencies, albeit with marginal success, and more successfully by the British National Crime Agency in its Operation Notarise.[54] At the same time, GCHQ has been using a tool named "Shadowcat" for "end-to-end encrypted access to VPS over SSH using the TOR network". Tor can be used for anonymous defamation, unauthorized news leaks of sensitive information, copyright infringement, distribution of illegal sexual content, selling controlled substances, weapons, and stolen credit card numbers, money laundering, bank fraud, credit card fraud, identity theft and the exchange of counterfeit currency; the black market utilizes the Tor infrastructure, at least in part, in conjunction with Bitcoin. It has also been used to brick IoT devices.

In its complaint against Ross William Ulbricht of Silk Road, the US Federal Bureau of Investigation acknowledged that Tor has "known legitimate uses". According to CNET, Tor's anonymity function is "endorsed by the Electronic Frontier Foundation (EFF) and other civil liberties groups as a method for whistleblowers and human rights workers to communicate with journalists". EFF's Surveillance Self-Defense guide includes a description of where Tor fits in a larger strategy for protecting privacy and anonymity.

In 2014, the EFF's Eva Galperin told BusinessWeek magazine that "Tor’s biggest problem is press. No one hears about that time someone wasn't stalked by their abuser. They hear how somebody got away with downloading child porn."

The Tor Project states that Tor users include "normal people" who wish to keep their Internet activities private from websites and advertisers, people concerned about cyber-spying, users who are evading censorship such as activists, journalists, and military professionals. As of November 2013, Tor had about four million users. According to the Wall Street Journal, in 2012 about 14% of Tor's traffic connected from the United States, with people in "Internet-censoring countries" as its second-largest user base. Tor is increasingly used by victims of domestic violence and the social workers and agencies that assist them, even though shelter workers may or may not have had professional training on cybersecurity matters. Properly deployed, however, it precludes digital stalking, which has increased due to the prevalence of digital media in contemporary online life. Along with SecureDrop, Tor is used by news organizations such as The Guardian, The New Yorker, ProPublica and The Intercept to protect the privacy of whistleblowers.

In March 2015 the Parliamentary Office of Science and Technology released a briefing which stated that "There is widespread agreement that banning online anonymity systems altogether is not seen as an acceptable policy option in the U.K." and that "Even if it were, there would be technical challenges." The report further noted that Tor "plays only a minor role in the online viewing and distribution of indecent images of children" (due in part to its inherent latency); its usage by the Internet Watch Foundation, the utility of its hidden services for whistleblowers, and its circumvention of the Great Firewall of China were touted.

Tor's executive director, Andrew Lewman, also said in August 2014 that agents of the NSA and the GCHQ have anonymously provided Tor with bug reports.


Wednesday, October 11, 2017

Virtual Private Database



Virtual Private Database (VPD) is a database security feature that is built into an Oracle database server, as opposed to being part of an application that is accessing the data. The user is only allowed to see the data they have been given permission to see.

VPD uses application contexts to provide row-level security and fine-grained access control based on a company's security policies. Application contexts are simply key value pairs that are created in a defined namespace. VPD was first introduced in Oracle8i.

Virtual Private Database (VPD), a feature of Oracle Database 11g Enterprise Edition, was introduced in Oracle8i and is one of the most popular security features in the database. VPD is used when the standard object privileges and associated database roles are insufficient to meet application security requirements. VPD policies can be simple or complex depending on your security requirements. VPD can be used in combination with the "application context" feature to enforce sophisticated row and/or column level security requirements for privacy and regulatory compliance. A simple VPD example might restrict access to data during business hours and a more complex VPD example might read an application context during a login trigger and enforce row level security against the ORDERS table.

No matter how users connect to the protected table (via an application, a Web interface or SQL*Plus), the result is the same. There is no "application security problem" anymore, since the access policy is attached to the table, and cannot be bypassed.

Benefits of Using Oracle Virtual Private Database Policies

Oracle Virtual Private Database policies provide the following benefits:



  • Basing Security Policies on Database Objects Rather Than Applications
  • Controlling How Oracle Database Evaluates Policy Functions

Basing Security Policies on Database Objects Rather Than Applications

Attaching Oracle Virtual Private Database security policies to database tables, views, or synonyms, rather than implementing access controls in all your applications, provides the following benefits:

Security. Associating a policy with a database table, view, or synonym can solve a potentially serious application security problem. Suppose a user is authorized to use an application, and then drawing on the privileges associated with that application, wrongfully modifies the database by using an ad hoc query tool, such as SQL*Plus. By attaching security policies directly to tables, views, or synonyms, fine-grained access control ensures that the same security is in force, no matter how a user accesses the data.

Simplicity. You add the security policy to a table, view, or synonym only once, rather than repeatedly adding it to each of your table-based, view-based, or synonym-based applications.

Flexibility. You can have one security policy for SELECT statements, another for INSERT statements, and still others for UPDATE and DELETE statements. For example, you might want to enable Human Resources clerks to have SELECT privileges for all employee records in their division, but to update only salaries for those employees in their division whose last names begin with A through F. Furthermore, you can create multiple policies for each table, view, or synonym.

Controlling How Oracle Database Evaluates Policy Functions

Running policy functions multiple times can affect performance. You can control the performance of policy functions by configuring how Oracle Database caches the Oracle Virtual Private Database predicates. The following options are available:


  • Evaluate the policy once for each query (static policies).
  • Evaluate the policy only when an application context within the policy function changes (context-sensitive policies).
  • Evaluate the policy each time it is run (dynamic policies).


Which Privileges Are Used to Run Oracle Virtual Private Database Policy Functions?

For greater security, the Oracle Virtual Private Database policy function runs as if it had been declared with definer's rights. Do not declare it as invoker's rights because this can confuse you and other users who maintain the code.

Using Oracle Virtual Private Database with an Application Context

You can use application contexts with Oracle Virtual Private Database policies. When you create an application context, it securely caches user information. Only the designated application package can set the cached environment. It cannot be changed by the user or outside the package. In addition, because the data is cached, performance is increased. Chapter 6, "Using Application Contexts to Retrieve User Information" describes application contexts in detail.

For example, suppose you want to base access to the ORDERS_TAB table on the customer ID number. Rather than querying the customer ID number for a logged-in user each time you need it, you could store the number in the application context. Then, the customer number is available in the session when you need it.

Application contexts are especially helpful if your security policy is based on multiple security attributes. For example, if a policy function bases a WHERE predicate on four attributes (such as employee number, cost center, position, spending limit), then multiple subqueries must execute to retrieve this information. Instead, if this data is available through an application context, then performance is much faster.

You can use an application context to return the correct security policy, enforced through a predicate. For example, consider an order entry application that enforces the following rules: customers only see their own orders, and clerks see all orders for all customers. These are two different policies. You could define an application context with a position attribute, and this attribute could be accessed within the policy function to return the correct predicate, depending on the value of the attribute. Thus, you can enable a user in the clerk position to retrieve all orders, but a user in the customer position can see only those records associated with that particular user.
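The order entry rules above (customers see only their own orders, clerks see all) can be written as one policy function that reads a position attribute from an application context. This is an added example, not code from the original post or from Oracle's documentation; the SEC_ADMIN and SALES schemas, the APP_USERS lookup table, the CUST_NO column and every object name other than ORDERS_TAB are assumptions.

```sql
-- Assumed setup: SEC_ADMIN has CREATE ANY CONTEXT, ADMINISTER DATABASE TRIGGER,
-- and EXECUTE on DBMS_RLS and DBMS_SESSION. SEC_ADMIN.APP_USERS
-- (username, user_position, cust_no) is a hypothetical lookup table.

-- 1. The context can be set only by the package named in USING.
CREATE OR REPLACE CONTEXT orders_ctx USING sec_admin.orders_ctx_pkg;

-- 2. Trusted package that caches the user's attributes in the session.
CREATE OR REPLACE PACKAGE sec_admin.orders_ctx_pkg AS
  PROCEDURE set_session_attrs;
END orders_ctx_pkg;
/
CREATE OR REPLACE PACKAGE BODY sec_admin.orders_ctx_pkg AS
  PROCEDURE set_session_attrs IS
    v_position VARCHAR2(30);
    v_cust_no  NUMBER;
  BEGIN
    SELECT user_position, cust_no
      INTO v_position, v_cust_no
      FROM sec_admin.app_users
     WHERE username = SYS_CONTEXT('USERENV', 'SESSION_USER');
    DBMS_SESSION.SET_CONTEXT('orders_ctx', 'position', v_position);
    DBMS_SESSION.SET_CONTEXT('orders_ctx', 'cust_no', TO_CHAR(v_cust_no));
  EXCEPTION
    WHEN NO_DATA_FOUND THEN
      NULL;  -- unknown user: context stays unset, so the policy denies all rows
  END set_session_attrs;
END orders_ctx_pkg;
/

-- 3. Populate the context once per session, at logon.
CREATE OR REPLACE TRIGGER sec_admin.set_orders_ctx_trg
  AFTER LOGON ON DATABASE
BEGIN
  sec_admin.orders_ctx_pkg.set_session_attrs;
END;
/

-- 4. Policy function: returns the WHERE predicate Oracle appends to each statement.
CREATE OR REPLACE FUNCTION sec_admin.orders_policy (
  p_schema IN VARCHAR2,
  p_object IN VARCHAR2
) RETURN VARCHAR2 IS
BEGIN
  CASE SYS_CONTEXT('orders_ctx', 'position')
    WHEN 'CLERK' THEN
      RETURN NULL;  -- NULL predicate: no row restriction
    WHEN 'CUSTOMER' THEN
      -- SYS_CONTEXT stays inside the predicate text, so the customer number
      -- is evaluated at run time and never concatenated into the SQL.
      RETURN 'cust_no = TO_NUMBER(SYS_CONTEXT(''orders_ctx'', ''cust_no''))';
    ELSE
      RETURN '1 = 2';  -- fail closed when the position is missing or unknown
  END CASE;
END orders_policy;
/

-- 5. Attach the policy to the table. CONTEXT_SENSITIVE re-evaluates the
--    function only when the application context changes.
BEGIN
  DBMS_RLS.ADD_POLICY(
    object_schema   => 'sales',
    object_name     => 'orders_tab',
    policy_name     => 'orders_by_position',
    function_schema => 'sec_admin',
    policy_function => 'orders_policy',
    statement_types => 'SELECT,INSERT,UPDATE,DELETE',
    update_check    => TRUE,   -- rows written must also satisfy the predicate
    policy_type     => DBMS_RLS.CONTEXT_SENSITIVE);
END;
/

-- 6. Confirm the policy is attached and which statements it covers.
SELECT object_name, policy_name, sel, ins, upd, del, policy_type
  FROM dba_policies
 WHERE object_owner = 'SALES'
   AND object_name  = 'ORDERS_TAB';
```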

Friday, October 6, 2017

A place to store sensitive information

Securing Stored Data Using Transparent Data Encryption

Transparent data encryption enables you to encrypt sensitive data, such as credit card numbers, stored in table columns. Encrypted data is transparently decrypted for a database user who has access to the data. Transparent data encryption helps protect data stored on media in the event that the storage media or data file gets stolen.

About Transparent Data Encryption

Oracle Database 11g uses authentication, authorization, and auditing mechanisms to secure data in the database, but not in the operating system data files where data is stored. To protect these data files, Oracle Database provides transparent data encryption. Transparent data encryption encrypts sensitive table data stored in data files. To prevent unauthorized decryption, transparent data encryption stores the encryption keys in a security module external to the database.

This section contains the following topics:

Benefits of Using Transparent Data Encryption
When to Use Transparent Data Encryption
How Transparent Data Encryption Works
Overview of Basic Transparent Data Encryption Operations

Benefits of Using Transparent Data Encryption

Transparent data encryption has the following advantages:

As a security administrator, you can be sure that sensitive data is safe in case the storage media or data file gets stolen.

Implementing transparent data encryption helps you address security-related regulatory compliance issues.

You do not need to create triggers or views to decrypt data. Data from tables is transparently decrypted for the database user.

Database users need not be aware of the fact that the data they are accessing is stored in encrypted form. Data is transparently decrypted for the database users and does not require any action on their part.

Applications need not be modified to handle encrypted data. Data encryption/decryption is managed by the database.

When to Use Transparent Data Encryption

Use transparent data encryption to protect confidential data, such as credit card and social security numbers, without having to manage key storage or create auxiliary tables, views, and triggers. An application that processes sensitive data can use this feature to provide strong data encryption with little or no change to the application.

Restrictions on Using Transparent Data Encryption

You cannot use transparent data encryption to encrypt columns used in foreign key constraints. This is because every table has a unique column encryption key.

Transparent data encryption encrypts and decrypts data at the SQL layer. Oracle Database utilities and features that bypass the SQL layer cannot leverage the services provided by transparent data encryption. Do not use transparent data encryption with the following database features:


  • Index types other than B-tree
  • Range scan search through an index
  • External large objects (BFILE)
  • Materialized View Logs
  • Synchronous Change Data Capture
  • Transportable Tablespaces
  • Original import/export utilities

Transparent data encryption protects data stored on disk/media. It does not protect data in transit. Use Oracle Advanced Security network encryption solutions discussed in Chapter 2, "Configuration and Administration Tools Overview" to encrypt data over the network.

How Transparent Data Encryption Works

Transparent data encryption is a key-based access control system. Even if the encrypted data is retrieved, it cannot be understood until authorized decryption occurs, which is automatic for users authorized to access the table.

When a table contains encrypted columns, a single key is used regardless of the number of encrypted columns. This key is called the column encryption key. The column encryption keys for all tables that contain encrypted columns are encrypted with the database server master encryption key and stored in a dictionary table in the database. No keys are stored in the clear.

The master encryption key is stored in an external security module that is outside the database and accessible only to the security administrator. For this external security module, Oracle uses an Oracle wallet as described in this chapter. Storing the master encryption key in this way prevents its unauthorized use.

Using an external security module separates ordinary program functions from encryption operations, making it possible to divide duties between database administrators and security administrators. Security is enhanced because the wallet password can be unknown to the database administrator, requiring the security administrator to provide the password.

Overview of Basic Transparent Data Encryption Operations

To enable transparent data encryption, you must have the ALTER SYSTEM privilege and a valid password to the Oracle wallet. If an Oracle wallet does not exist, then a new one is created using the password specified in the SQL command.

To create a new master key and begin using transparent data encryption, issue the following command:

ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY password

Enclose the password in double quotation marks (" "). This command generates the database server master encryption key, which the server uses to encrypt the column encryption key for each table. No table columns in the database can be encrypted until the master key of the server has been set.

The master encryption key remains accessible to the database until the database instance is shut down. To load the master encryption key after the database is restarted, use the following command:

ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY password

Enclose the password in double quotation marks (" "). To create a new table with encrypted columns, use the CREATE TABLE command in the following form:

CREATE TABLE table_name ( column_name column_type ENCRYPT,...);

The ENCRYPT keyword against a column specifies that the column should be encrypted.

If an existing table has columns that require encryption, then use the ALTER TABLE command in the following form:

ALTER TABLE table_name MODIFY ( column_name column_type ENCRYPT,...);

To disable access to all encrypted columns in the database, use the following command:

ALTER SYSTEM SET ENCRYPTION WALLET CLOSE

The preceding command disables access to the master key in the wallet and prevents access to data in the encrypted columns. You need to open the wallet again, using the ALTER SYSTEM SET WALLET OPEN IDENTIFIED BY password command, to re-enable access to the master encryption key.
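The operations above run end to end, with the checks an administrator would make after each step. This is an added example, not part of the original text; the table cust_payment_info, its rows and the wallet password are constructed for illustration.

```sql
-- Added example: table name, data and password are constructed.
-- 1. Create the master key (this also creates the wallet if none exists).
ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "Example_Wallet_Pw1";

-- 2. Create a table with one encrypted column.
CREATE TABLE cust_payment_info (
  cust_id     NUMBER       PRIMARY KEY,
  first_name  VARCHAR2(30),
  card_number VARCHAR2(19) ENCRYPT
);
INSERT INTO cust_payment_info VALUES (1, 'Alice', '4111111111111111');
COMMIT;

-- 3. Check: which columns are encrypted, and is the wallet open?
SELECT owner, table_name, column_name, encryption_alg, salt
  FROM dba_encrypted_columns;
SELECT wrl_type, wrl_parameter, status
  FROM v$encryption_wallet;

-- 4. With the wallet open, an authorized user reads plaintext as usual.
SELECT card_number FROM cust_payment_info WHERE cust_id = 1;

-- 5. Close the wallet (form given in the text above; some later
--    releases also require the IDENTIFIED BY clause here).
ALTER SYSTEM SET ENCRYPTION WALLET CLOSE;

-- Unencrypted columns remain readable ...
SELECT first_name FROM cust_payment_info WHERE cust_id = 1;
-- ... but any access to the encrypted column now fails with
-- ORA-28365: wallet is not open
SELECT card_number FROM cust_payment_info WHERE cust_id = 1;

-- 6. Reopen the wallet to restore access.
ALTER SYSTEM SET ENCRYPTION WALLET OPEN IDENTIFIED BY "Example_Wallet_Pw1";
```

Step 5 shows the separation of duties in practice: whoever holds the wallet password controls access to the encrypted columns, independently of table privileges.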

Tuesday, October 3, 2017

Secure Software Development Life Cycle


The software development life cycle, or SDLC, encompasses all of the steps that an organization follows when it develops software tools or applications. Organizations that incorporate security in the SDLC benefit from products and applications that are secure by design. Those that fail to involve information security in the life cycle pay the price in the form of costly and disruptive events.

In an organization that's been around for several years or more, the SDLC is well-documented and usually includes the steps that are followed and in what order, the business functions and/or individuals responsible for carrying out the steps, and information about where records are kept.

A typical SDLC model contains the following main functions:


Conceptual definition. This is a basic description of the new product or program being developed, so that anyone reading it can understand the proposed project.
Functional requirements and specifications. This is a list of requirements and specifications from a business function perspective.
Technical requirements and specifications. This is a detailed description of technical requirements and specifications in technical terms.
Design. This is where the formal detailed design of the product or program is developed.
Coding. The actual development of software.
Test. This is the formal testing phase.
Implementation. This is where the software or product is installed in production.

Each major function consists of several tasks, perhaps documented in flowchart notation with inputs, outputs, reports, decisions and approvals. Some companies build workflow applications to support all of this.

Getting the right security information to the right people

Many people throughout the development process need all kinds of information, including security information, in a form that is useful to them. Here is the type of information that is required during each phase of the SDLC.

Conceptual -- Organization information security principles and strategies
Functional requirements and specifications -- Information security requirements
Technical requirements and specifications -- Information security requirements
Design -- Enterprise security architecture and security product standards
Coding -- Development standards, practices, libraries and coding examples
Testing -- Test plans that show how to verify each security requirement
Implementation -- Procedures for integrating existing authentication, access controls, encryption, backup, etc.

If you are wondering why maintenance is omitted from the life cycle example here, it is because maintenance is just an iteration of the life cycle: when a change is needed, the entire process starts all over again. All of the validations that are present the first time through the life cycle are needed every time thereafter.

Finally, one may say that these changes represent a lot of extra work in a development project. This is not the case: these additions do not take that much extra time. They are small additions that reap large benefits later on.

Fix it now or pay the price later


Organizations that fail to involve information security in the life cycle will pay the price in the form of costly and disruptive events. Many bad things can happen to information systems that lack the required security interfaces and characteristics. Some examples include:

Orphan user accounts (still-active accounts that belong to employees or contractors who have left the organization) that exist because the information system does not integrate with an organization's identity management or single sign-on solution.
Defaced Web sites as a result of systems that were not built to security standards and, therefore, include easily exploited weaknesses.
Fraudulent transactions that occur because an application lacked adequate audit trails and/or the processes required to ensure they are examined and issues dealt with.

You should figure that problems like these are all costly to solve – in most cases far more costly than the little bit of extra effort required to build the products or applications correctly in the first place.

Cross Site Request Forgery Protection with Double Submit Cookies Patterns

When a user authenticates to a site, the site should generate a (cryptographically strong) pseudo-random value and set it as a cookie on the...