2. Why Data Security apart from that offered by DATABASE
Governments and industry groups are mandating security measures over
privacy, healthcare and financial data.
Companies create, modify, store, and move vast amounts of data every day.
Loss of data integrity through unauthorized manipulation of crucial data has
emerged as one of the biggest hurdles inside enterprises today. Usually
such incidents are detected much later.
According to IDC, several of the top issues faced by IT organizations involve
threats to sensitive data:
• Outsiders penetrating the network, gaining access to protected
information and modifying the data, causing loss of database integrity
• Intentional misuse by disgruntled or malicious insiders or outsourcing
partners
• Inadvertent mistakes by under-informed insiders
• Employees following flawed policies and/or procedures
3. Today’s Data Security problem
Operating system administrators, database administrators, external
hackers or an outsourced maintenance team can do anything they want to
the database, leaving almost no track.
Each year, approximately 15 million Americans are
identity theft victims with financial losses to the
country totaling close to $50 billion.
Source: http://www.identitytheft.info/financial.aspx
Recent Headlines:
Criminal gangs with malicious plan get into identity
theft and modification of critical data sets.
ShieldDB – A Unique Data Security product
4. Why ShieldDB (Problem Statement)
Business areas affected by Unauthorized access
• Bank / Demat Account / Credit Card / Insurance / Health Care
• Salary, Income Tax Related Information
• University Admission, Marks Data
• Land and License Records
• Business Secrets of Government & other organizations
• Resident Information
Trend
Through 2016, the financial impact of cybercrime will grow 10% per year
due to the continuing discovery of new vulnerabilities.
Source: Gartner Top Predictions for 2012: Control Slips Away, Gartner, December 2011
6. Background of ShieldDB
Data manipulations that leave no track, mostly by internal users, are
considered unauthorized access and are the biggest threat. ShieldDB is
designed to identify such events and report them to the owners.
Our solution is based on statistical methods. Once the solution is
implemented, such thefts will be brought to notice so that corrective
measures can be taken.
Application performance will not be degraded while our solution is in place.
Our solution maps a large dataset into a small digital fingerprint (a cryptic
image of the database), which is updated with every change made to the
main database by registered applications.
The desired fingerprints are matched against the actual ones at preset
intervals to identify the changed location in the database and the date and
time of unauthorized changes, even those made through privileged authority.
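The fingerprint-and-compare cycle described above, as an added example that is not ShieldDB's code or algorithm: the deck does not disclose its statistical method, so this sketch substitutes a per-cell HMAC-SHA-256 tag. The class, function and key names are hypothetical and the DEPT rows are constructed.

```python
import hashlib
import hmac
import sqlite3

KEY = b"constructed-demo-key"  # assumption: secret known only to the fingerprint store


def cell_tag(table, row_id, col, value):
    """Keyed digest binding a value to its table, row and column position."""
    msg = repr((table, row_id, col, value)).encode()
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()


class FingerprintStore:
    """Hypothetical stand-in for a fingerprint store kept apart from the database."""

    def __init__(self, db, table):
        self.db, self.table, self.tags = db, table, {}  # table: fixed name from config

    def _current(self):
        rows = self.db.execute(f"SELECT rowid, * FROM {self.table}").fetchall()
        return {(r[0], c): (cell_tag(self.table, r[0], c, v), v)
                for r in rows for c, v in enumerate(r[1:], start=1)}

    def generate(self):
        """Record one tag per cell of the monitored table."""
        self.tags = {k: tag for k, (tag, _) in self._current().items()}

    def authorized_update(self, row_id, col_name, value):
        """Write path of a registered application: change the data, retag that row only."""
        self.db.execute(f"UPDATE {self.table} SET {col_name} = ? WHERE rowid = ?",
                        (value, row_id))
        self.tags.update({k: t for k, (t, _) in self._current().items() if k[0] == row_id})

    def verify(self):
        """List (row, col, value now) for changed or new cells, value None if deleted."""
        cur = self._current()
        bad = [(k[0], k[1], v) for k, (tag, v) in cur.items()
               if not hmac.compare_digest(self.tags.get(k, ""), tag)]
        bad += [(k[0], k[1], None) for k in self.tags.keys() - cur.keys()]
        return sorted(bad, key=lambda b: b[:2])


def demo():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE DEPT (deptno INTEGER, dname TEXT, loc TEXT)")
    db.executemany("INSERT INTO DEPT VALUES (?, ?, ?)",  # constructed sample rows
                   [(10, "ACCOUNTING", "NEW YORK"), (20, "RESEARCH", "DALLAS"),
                    (30, "SALES", "CHICAGO")])
    store = FingerprintStore(db, "DEPT")
    store.generate()
    store.authorized_update(3, "dname", "SALE")   # registered change
    clean = store.verify()
    db.execute("UPDATE DEPT SET loc = 'DAL' WHERE rowid = 2")  # bypasses the store
    return clean, store.verify()
```

Because the tags live outside the production database and depend on a key the database administrator does not hold, a privileged direct `UPDATE` cannot also repair the fingerprint, which is what lets the comparison pinpoint the row and column.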
8. How ShieldDB protects…
Any unauthorized modification can be identified
and the original data can be restored.
The source of unauthorized access and the time of such
transactions can also be tracked.
The key to access the ShieldDB database will be
divided among multiple users.
Reporting of security breach incidents
and the related identity through e-mail / SMS.
9. ShieldDB Architecture
Application Layer:
• Application Service Delivery using J2EE
• Application Service Orchestration & Integration using J2EE
• Core & Common Business Service using C++ and J2EE
Security Server:
• Security Service Delivery using J2EE
• Security Service Orchestration & Integration using J2EE
• ShieldDB Security Layer using C++ and J2EE
Database Layer (ORACLE / Sybase / DB2 / MSSQL / MYSQL etc.)
OS Layer (UNIX / Linux / Solaris / Windows / IBM z/OS etc.)
11. Core processes in ShieldDB
[Process diagram. Labels: Fingerprint Generation, Fingerprint Updation, Updated Fingerprint, Fingerprint Verification, Fingerprint Comparison, Verification Error, Mail, SMS, Client, Database Server, Security Server]
12. Configuration of ShieldDB Security Server
Hardware:
• Standard mid-range Server
• Server configuration depending upon transactions &
Data volume
System Software:
• Server - Windows 2008 / Red Hat Linux / Solaris
• Client - Windows XP / Vista / Windows 7
• Java Runtime Environment (JRE) 1.5
• Apache Tomcat Server 5.5 / 6.0
• IE 9 / Mozilla Firefox 16.0 / Google Chrome 22.0
• Database as in Production environment
13. Support requirement - Implementation
• Access permission to the Production database is
essential for forming the digital fingerprint of the
database and for the updation required for matching.
• Separate ShieldDB Server
• Identification of crucial Tables / Columns
• List of authorized applications and
corresponding tables in database.
• Database
• JAVA 1.7 (JRE and JDK)
• Apache Tomcat 6.0
15. ShieldDB Error Reporting
As on Fri Sep 20, 2013 - 16:59:14
| Error Description | Table Name | Value before Updation | Value after Updation |
|---|---|---|---|
| Unauthorized change made in Col = 3 of Row No = 2 | DEPT | DALllllll | DALl |
| Unauthorized change made in Col = 2 of Row No = 3 | DEPT | SALE | SAL |
| Unauthorized change made in Col = 3 of Row No = 7 | BONUS | 7512 | 7 |
| Unauthorized change made in Col = 9 of Row No = 3687 | BIG_DATA | 7000 | 70 |
| Unauthorized change made in Col = 7 of Row No = 5116 | BIG_DATA | 9000 | 90 |
16. ShieldDB Features
| Serial No. | PRODUCT FEATURES | Version – 1 | Version – 2 |
|---|---|---|---|
| 1 | Restricted Access to Sensitive Data | | |
| 2 | Customized Policy Administration | | |
| 3 | Security Audit (Point of Access & Logging Details Detection) | | |
| 4 | Unauthorized Access Detection | | |
| 5 | Session Management and Access Control Mechanism | | |
| 6 | Alert generation and Built in Report | | |
| 7 | Data Management Tools | | |
| 8 | Integration with other Application | | |
17. Product Highlights/Benefits to client
At present, no similar innovative product with the indicated
functionalities and an effective alert system is
available.
Incorporation of user-specific reporting tools.
Robust algorithm based on Statistical Techniques.
No serious effect on optimum performance of
Production Server.
Works without interacting with the AUDIT TRAIL.
Assists management in monitoring integrity of database.
Supports multiple Database Platforms.
Intellectual Consultancy for ShieldDB provided by
academicians of Indian Statistical Institute, Kolkata.
19. Protech Infosystems Pvt. Ltd. – A Snapshot
Incorporated in 2007 in INDIA.
ISO 9001:2008 Certified Company
Experienced team of Management & Professionals
Maturity in IT, ITES and GIS Projects
Experience in Multiple Domains & Technologies
Business Associates from different Industries
20. Protech Infosystems Pvt. Ltd. – Goals
Create impact in Information Technology
Early Return on Investment
Grow at a manageable pace
Fulfill Social Responsibility
Meeting Financial Target
Generate Large client base
Diversification in R&D
Focus in identified Niche Area
21. IT’S THE BEGINNING OF THE JOURNEY
THANK YOU
Office: AQ-13/1, 4th Floor, Salt Lake,
Sector-V, Kolkata-700091
Contacts: +91 (33) 6541 1317 / +91 98300 10867(M)
E-mail: corporate@ptinfosys.com
Website: www.ptinfosys.com