Sidpers

Only available on StudyMode
  • Download(s) : 33
  • Published : January 27, 2013
Open Document
Text Preview
STANDARD INSTALLATION DIVISION PERSONNEL SYSTEM (SIDPERS)
SECURITY PLAN

Gladys Turnbull

Submitted to: Professor Kevin Reynolds
SEC 574 Database Security
Keller Graduate School of Management
Submitted: 22 August 2012

Abstract: SIDPERS Security Plan developed for the Virgin Islands National Guard is procedural protection of this highly sensitive database holding the personnel records of over 960 active service members and over 10,000 retirees’ skeleton military personnel records. It is with great err on caution that we recommend and enforce the highest level of tiered defense in depth security measure to maintain the confidentiality, integrity and accessibility of this data; because we know its’ compromise and/or loss will reap great distress in soldiers’ and their families’ lives.

TABLE OF CONTENT
I. Project Identification and Business Environment .......................... 3 II. Architecture and Operating System Considerations
SIDPERS Architecture........................................................................3 Security Requirement..........................................................................5

III. User Account and Password Administration
User Administration.............................................................................6 Password Policies.................................................................................6 Profile definition and assignment..........................................................7

IV. Privileges and Roles
Security Model........................................................................................7 Roles........................................................................................................7 System privileges/ Object privileges ......................................................8

V. Database Security Operations
Database Logging...................................................................................8 Activity Auditing......................................................................................9

VI. Data Isolation Policies
Data Isolation..........................................................................................9 Database views.......................................................................................10 Database triggers...................................................................................11 Database stored procedures..................................................................11

VII. Physical Environment for Secured Databases
Physical Security .................................................................................11 Database Backup.................................................................................12

VIII. Summary .............................................................................................12

IX. References.............................................................................................14

I. Project Identification and Business Environment
Standard Installation Division Personnel System (SIDPERS) is the database of record for retaining a unit’s personnel data needed when call to active duty to support our nation or territories conflicts or disaster events; when personnel status change due to life changing events and to register service-members or their family for health care, life insurance and other personnel services; it is also the database that provides information on soldiers eligibility for promotions, awards and other personnel actions. As the territory Database Processing Manager setting up the security matrix for this conglomerate of databases within the RCASWEB framework was complex and intricate. The CIO has asked me to design a secure, scalable, and responsive database security plan and requirements definition document for the RCASWEB SIDPERS database. The database security plan will address the user authentication process; the...
tracking img