Islington College

Project Specification Document

1. Project Details
Project Title: Different Methodology to Secure the Database
Students Name and Id: Santosh Timilsina 11069922/1 1st Supervisor name: Mr Tashi Wangdue 2nd Supervisor: Mr Prakash Shrestha Date Approved: 13th Nov, 2011

1 Introduction to the Project

Database technologies are a core component of many computing systems. They allow data to be retained and shared electronically and the amount of data contained in these systems continues to grow at an exponential rate. Database security is a growing concern evidenced by an increase in the number of reported incidents of loss of or unauthorized exposure to sensitive data. The Privacy Rights Clearing House (2010) reports that more than 345 million customer records have been lost or stolen since 2005 when they began tracking data breach incidents, and the Ponemon Institute reports the average cost of a data breach has risen to $202 per customer record (Ponemon, 2009). The Verizon Business Risk Team, who has been reporting data breach statistics since 2004, examined 90 breaches during the 2008 calendar year. They reported that more than 285 million records had been compromised, a number exceeding the combined total from all prior years of study (Baker et al., 2009). Given the increasing number of beaches to database systems, there is a corresponding need to adopt different methodology to secure the database. Database security incorporates a wide array of security topics, like physical security, network security, encryption and authentication etc. Among the different methodologies of database security this project is focused on the backup and recovery methodology. This project focuses on the observation of database problems faced by a bank during operation. Within this context, different scenarios are taken into

Islington College
consideration and a proper procedure of database backup and recovery will be suggested to ensure all data are available although hacked or mishandled. This case study will be carried out in Global Bank, situated in Kathmandu Nepal, in a database environment using Oracle 10g as Database management System.

2 Aims of the project

The aim of this project is to find out how database backup and recovery methodology, among different methodology to secure database can be used to secure the data of Global bank Ltd, where Oracle 10g is used as DBMS, based on the different cases of problem faced. So that at any circumstances like system failure, system crash, database crash, theft hacking etc all the data are retained properly without loss and inconsistency.

3 Deliverables of the project

With the end of the project, a comprehensive report of different cases of database security related problems solved using the backup and recovery methodology of database security would serve as a reference guide and solutions for similar problems in future. The following things are delivered at the end of the project: Database problems log: It logs different problems of database faced. Maintenance log: It contains what different procedure followed to make the data into previous state. A comprehensive report: Based on the different problems and solution a report is prepared suggesting an appropriate methodology to secure the database using backup and recovery.

Islington College
4 Suggested Starting Point
I will visit the Global Bank Ltd located in Kathmandu. I will inquire to the database personnel about the DBMS being used and inform them about this research. Based on the information provided by them I will plan for further steps. I will gain the information about the techniques they are using in comparison with the global trend. To get the information about database technology used in global market I will go through documents review. After that I will get acquainted with the problems during the database operations.

5 Estimated Costing and Resources Required

This project requires a database environment to carry on this research. For this, I will use the real-time database environment of the Global Bank. And for the testing purpose, I would set up a testing environment on this laptop and carry out the testing.

Islington College
6 Bibliography/References
Baker,W. H., Hutton, A., Hylender, C. D., Novak, C., Porter, C., Sartin, B., Tippett, P., & Valentine, J. A. (2009). The 2009 data breach investigations report. Verizon Business. Defense Information Systems Agency. (2004). Database security technical implementation guide, 7(1). Department of Defense. Ponemon, L. (2009). Fourth annual US cost of data breach study. Poneomon Institute sponsored by PGP Corporation. Privacy Rights Clearing House. (2010). Chronology of data breaches

Islington College
Nov 2011 Dec 2011 4/ 12 1/1 Jan 2012 8/1 15/ 1 22/1 29/1 Feb 2012 5/ 2 12/2 19/2 26/2 4/3 Mar 2012 11/3 18/3 25/ 3 1/4 Apr 2012 8/4 May 2012 6/5

ID 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19

Task Name Initial Planning and Project Approval Project Selection and Preliminary Analysis Feasibility study Proposal Submission along with the Project Plan Get approval and Appointed in the Bank Get the information of Database Technology and techniques being used Literature Review and trainings Interim Report Submission Develop Objective Prepare Research Design Sample Design Cunstruction of Research Tool Collection of Data Problems log Analysis of Data and Validation Maintenance Log Generalization and Interpretation Report Prepatation Final Report Submission

Start 11/8/2011 11/8/2011 11/9/2011 11/13/2011 11/13/2011 11/15/2011 11/23/2011 1/15/2012 1/16/2012 1/18/2012 1/18/2012 1/25/2012 1/29/2012 3/25/2012 3/26/2012 4/17/2012 4/18/2012 4/26/2012 5/9/2012

Finish 11/22/2011 11/8/2011 11/11/2011 11/13/2011 11/14/2011 11/22/2011 1/13/2012 1/15/2012 1/17/2012 1/27/2012 1/24/2012 1/27/2012 3/20/2012 3/25/2012 4/17/2012 4/17/2012 4/25/2012 5/7/2012 5/9/2012

Duration
15/4 22/4 29/4

13d 1d 3d 0d 2d 7d 45d 0d 2d 9d 6d 3d 45d 0d 20d 0d 7d 10d 0d