This subject is available under ICMS undergraduate degrees, please click the button below to find an undergraduate course for you.
CYB202A
Specialisation
3 credit points
DAT101A Database Systems
Course level of study pre-requisite: a total of 12 credit points including ICT101A, ICT102A, ICT103A and DAT101A from level 100 core subjects prior to enrolling into level 200 core and specialisation subjects.
200
Databases are a critical component of any business regardless of the operational domain and their application span across diverse business areas. They hold confidential, sensitive, and valuable business assets, making them a prime target for cyberattacks. Since databases represent an essential corporate resource, database security is of a great importance in the organisation’s overarching information systems security architecture.
In this subject, students will be introduced to various types of database threats and security challenges, including a range of tools, controls, and measures designed to safeguard database confidentiality, integrity, and availability. They will exercise best practices to minimise the attack surfaces of databases, demonstrating a sound understanding of their architectures and applications as a key tenet of operational security.
Throughout the subject, students will explore multi-level database security models and apply modern methods and techniques to safeguard data breaches and ensure compliance with database security solutions that encapsulate encryption, key management, data masking, user access controls, activity monitoring, and auditing. They will also apply their SQL programming skills to treat SQL injection threats and vulnerabilities.
a) Explain and characterise contemporary database technologies, architectures, principles, and applications in an information security context as well as database security implications by trends such as noSQL and cloud databases.
b) Apply database security models, tools, and techniques, including SQL programming, used in database security lifecycle to protect information assets.
c) Demonstrate ability to securely install and configure database systems and conceptualise security architectures to safeguard database access.
d) Examine database security, identify threats and vulnerabilities, and outline potential countermeasures to implement database integrity.
e) Conduct database audits and vulnerability assessments to measure database risks and susceptibility to cyberattacks.
f) Analyse multilevel security database management systems (MLS/DBMS) models, including classification methods, encryption concepts, and their applications in enhancing data security.
No | Assessment Task | Weighting | Learning Outcomes |
1 | Database Analysis Report | 30% | a, b, c, d, e |
2 | Database Security Project | 40% | a, b, c, d |
3 | Case Study | 30% | e, f |
Broad Topics to be Covered:
Topic: |
Week 1: Fundamental Concepts
|
Week 2: Infrastructure Security Fundamentals for Database Operations
|
Week 3: SQL Language and Database Security
|
Week 4 – 5: Database Security and Access Control
|
Week 6: Database Vulnerabilities and Threats
|
Week 7 – 8: Database Vulnerability Management
Security testing for databases |
Week 9: Database Audits
|
Week 10: Cloud Database Security and Polyinstantiation
|
Week 11: Multilevel security models for the databases
|