Jump to content

Integrity bei MSSQL

SandyB

By SandyB,
in MS SQL Server Forum

Followers 3
Go to solution Solved by Dukel,
Der letzte Beitrag zu diesem Thema ist mehr als 180 Tage alt. Bitte erstelle einen neuen Beitrag zu Deiner Anfrage!

Recommended Posts

SandyB

SandyB 9

Posted
Posted

Hallo,

Vielleicht kann mir ein SQL-Experte weiter helfen, da mein DB-Wissen sehr überschaubar ist:

Ich muss ein Security-Assessment für eine Kauf-Anwendung durchführen. Diese Anwendung speichert ihre System- und Userdaten in einer aktuellen MSSQL-Datenbank. Laut NIST 800-53 SC-28 sollen confidentiality and integrity gespeicherter Informationen z.B. mittels cryptografischer oder anderer Methoden sichergestellt werden. (mir geht's hauptsächlich um Integrity)

Frage: Kann man bei in MSSQL-gespeicherten Daten davon ausgehen, dass diese Anforderung durch die Datenbank implizit erfüllt wird oder braucht es extra Konfigrationen oder liegen confidentiality/ integrity der Daten oberhalb der Datenbank? Genial wäre ein Link.

 

Vielen Dank!

Sandy 

 

Zitat

SC-28 PROTECTION OF INFORMATION AT REST
Control: The information system protects the [Selection (one or more): confidentiality; integrity] of
[Assignment: organization-defined information at rest].
Supplemental Guidance: This control addresses the confidentiality and integrity of information at
rest and covers user information and system information. Information at rest refers to the state of
information when it is located on storage devices as specific components of information systems.
System-related information requiring protection includes, for example, configurations or rule sets
for firewalls, gateways, intrusion detection/prevention systems, filtering routers, and authenticator
content. Organizations may employ different mechanisms to achieve confidentiality and integrity
protections, including the use of cryptographic mechanisms and file share scanning. Integrity
protection can be achieved, for example, by implementing Write-Once-Read-Many (WORM)
technologies.

 

Link to post
  • Solution
Dukel

Dukel 349

Posted
  • Solution
Posted

Man kann es konfigurieren:

https://docs.microsoft.com/en-us/sql/relational-databases/policy-based-management/set-the-page-verify-database-option-to-checksum?view=sql-server-ver15

 

Quote

When the page is read from disk, the checksum is recomputed and compared to the checksum value that is stored in the page header. This helps provide a high level of data-file integrity.

 

Link to post
Der letzte Beitrag zu diesem Thema ist mehr als 180 Tage alt. Bitte erstelle einen neuen Beitrag zu Deiner Anfrage!

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Followers 3
Go to topic listing


×
×
  • Create New...