The Request for Proposal

The Request for Proposal

Introduction

Database security or safety is a prevalent concern indicated by the increasing number of reported cases of unauthorized access to or loss of sensitive data. Moreover, as the data amount collected, stored, and shared electronically expands, the need for enhanced database security also increases. It is based on the fact that it is the most critical segment associated with the information technology landscape. As a result, this request for proposal (RFP) critically focuses on the database security assessment to effectively present the relevant vendors with appropriate specifications about the practical and secured database technology needed by the concerned organization. Besides, this paper will effectively achieve its primary purpose by comprehensively encompassing the organization overview, work context, vendor security standards, as well as the defensive models. The paper will also comprehensively explore and establish defensive database techniques, including the requirement statement regarding the system structure. The components of the operating system security and the requirements for MILS (Multiple Independent Levels of Security), will also be critically analyzed and established in this request for proposal (RFP).

The Organization Overview

The Henry Ford Health System is a US-based HDO (Health Database Organization) that effectively acquires and maintains health-related information from diversified sources within the health sector (Murga-Zamalloa et al., 2019). Besides, the organization focuses on tracking the patients’ overall functional condition six months after the health treatment, including the costs associated with their care.

Individuals or Departments That Will Utilize Security Concerns Prevalent to Every RDBMS

One of the departments that will utilize security concerns prevalent to RDBMS is the hospital’s medical records department. Besides, this department will purposefully use the security concerns to ensure increased confidentiality, security, and privacy of the various patients’ health records (Harrington, 2016).  The federal agency will also utilize the security concerns prevalent to all RDBMS to adequately and confidentially secure the suspect’s medical records in the period of investigation to offer protection against worldwide terrorism.

The Data Types That May Be Saved in The System, Including the Importance of Enhancing Safety of These Data

The data types that may be saved or stored in the system include demographic, administrative, including the health status and health risk data. The demographic data encompasses facts like gender, age, race, marital status, residence address, including emergency information. Moreover, the administrative data covers facts on health insurance like membership and eligibility, dual coverage, including the necessary deductibles and copayments for a particular benefit package (Harrington, 2016). The health status and health risks data include facts on genetic factors and family history, including health risk-related information, which demonstrates the lifestyle and behavior of a particular patient. For instance, whether a specific individual utilizes tobacco related products or regularly engages in very strenuous exercises. Furthermore, the importance of enhancing data security is that efficient and adequate data security establishes trust. It protects the HDO’s (Health Database Organization) reputation and establishes it as the brand that individuals can confidently trust with their health-related data.

The context for The Work

Attributes Associated with The Database

The primary attributes related to the database include inclusiveness and comprehensiveness. Inclusiveness refers to a situation in which populations within a geographic region are encompassed within a database. Therefore, a highly inclusive database approaches the inclusion of about one hundred percent of the populations that its designers or developers plan to cover (Harrington, 2016). Moreover, this database is very inclusive since it aims to provide health information that adequately reflects the whole population of a given region or area, regardless of the category of insurance.

Additionally, comprehensiveness, as another primary database attribute, outlines the completeness of the patient care events’ records, including the information relevant to a specific patient (Harrington, 2016). Besides, the database is comprehensive since it adequately and completely encompasses administrative data, demographic data, medical history of the patient, current management associated with the health conditions, including outcomes data.

The Environment Within Which the Database Will Operate

The database environment refers to the components’ system that effectively regulates the collection, management, and utilization of data. Moreover, it encompasses hardware, software, procedures, people, including the relevant data itself (Harrington, 2016). Also, the database will mainly operate within the personal, client-server as well as the distributed computing environment.

The Security Concepts as Well as The Concerns Regarding the Database

The database security covers a broad range of security measures or controls appropriately established to protect the DBMS (Database Management System). Moreover, some of the multiple monitors related to database security include access, authentication, and database auditing. The efficient restriction of access to valuable data is the crucial outcome associated with database security (Dhirani et al., 2016). Besides, the database auditing is critical in detecting, deterring, and minimizing the general impact of illegitimate access to sensitive data. Also, authentication is another viable database security measure that effectively focuses on the appropriate verification of the user’s credentials to ensure that only authenticated users can effectively access networks, data, including the database platform.

Contrarily, apart from the various database security concepts such as authentication, access, and data auditing, there exist several database security concerns, which include deployment failures, data leaks, including stolen back-ups of the databases. Besides, the absence of efficient care when they are adequately deployed is one of the prevalent database vulnerability cause. It is attributed to the fact that no adequate checks are conducted to determine if the database is not performing operations that it should not be performing (Dhirani et al., 2016). Moreover, the data leaks are another serious security concern since hackers can rely on the database networking interface to exploit the traffic type. Furthermore, another security concern is that some of the organization’s employees can steal database back-ups for revenge, money, or profit.

Security Assurance as Well as The Security Functional Requirements for The Database That Contain Information for Medical Personnel and Emergency Responders

Security assurance refers to the guarantee of security privileges, access control, including enforcement in time when users effectively interact with various applications (Emeka, 2019). Moreover, some security assurance regarding the database that covers the information associated with emergency responders and medical personnel includes increased access control, sufficient authentication, and increased data integrity.

Consequently, the relevant and efficient security functional requirements should be established and implemented to ensure sufficient security assurance regarding the database that encompasses information related to the emergency responders as well as the medical personnel. The functional security requirements to be implemented will relate to effective access control, increased database integrity, and sufficient authentication, and they will particularly outline the functional behavior that enhances security (Emeka, 2019). As a result, some of the functional security requirements will include protection of user data and password used to enhance increased authentication, including the execution of security audits. For example, security assurance of increased access control will be ensured by protecting user data, which involves the establishment and implementation of access control policies and rules.

Besides, effective authentication will be enhanced through valid passwords that are the most viable mechanisms for effective authentication (Emeka, 2019). Additionally, security assurance related to increased data integrity will be enhanced through the execution of security audits, which will ensure the data’s trustworthiness, consistency, and accuracy during its whole life cycle.

Vendor Security Standards

The Globally Accepted Standards That Competing Vendors Will Include in The Database

Some of the globally accepted standards that competing vendors will integrate into the database are as subsequently presented in this RFP (Request for Proposal). First, the vendors have to ensure that an officially written information about security policies, including the procedures for information security administration is consistent with the existing ISO 27001:2013. Second, all the confidential and environmental data has to be stored within a secure place at the vendors’ facilities, as well as at any off-site places or locations that are very secure (Mohammad, 2019). Additionally, vendors have to utilize anti-virus software to effectively prevent, detect, and eliminate malicious programs like trojans, viruses, and spyware. Also, the vendors have to possess security as well as acceptance criteria designated for new, including upgraded networks or computers that can effectively store or access confidential information.

The Concepts as Well as Issues Concerning Disasters and Disaster Recovery, Mission Continuity, Threats and Cyberattacks

The disaster recovery and mission continuity are instrumental elements that can enable the HDO (Health Database Organization) to be safe from or effectively recover from the potential threats which range from natural disasters(earthquakes) to cyber-attacks (Mousa et al., 2020).  Both the disaster recovery and mission continuity enable the various health database organizations to adequately recover from the multiple disasters, minimize the data loss risk, and consequently enhance organizational operations while reducing the emergency chances.

The Defense Models

Definition of The Defense Models’ Use

The primary use of the existing defense models is to effectively provide multiple and redundant defensive measures in cases within which database security control fails to be effective or when the vulnerability related to database security is exploited (Bahill, & Madni, 2017). Moreover, the defense model’s application focuses on network security, end-user security, including product design.

The Essential Requirements in The Request for Proposal (RFP) For the Vendor to State Its Overall Defensive Principles

The primary requirements that are essential for the health database organization include confidentiality, integrity, as well as the availability of the relevant data. For instance, the Henry Ford Health System’s primary concern is ensuring high confidentiality associated with the classified patient’s health information (Bahill, & Madni, 2017). Besides, the HDO (Health Database Organization) is also concerned about the increased integrity control regarding the health data. Additionally, the Henry Ford Health System is also interested in ensuring that the relevant health data is readily available for appropriate use in various fields, such as the health research field.

Importance of Understanding the Defensive Principles

An adequate understanding of the various defensive principles is very important in enabling the vendors to effectively establish more diversified defensive strategies that can be incorporated into the database systems to enhance database security (Bahill, & Madni, 2017). For example, a comprehensive understanding of the defense-in-depth as the defensive principle can importantly enable the various competing vendors to establish and integrate redundant security strategies or approaches that effectively aims at reducing the chances of cyber-attacks.

How Enclave Computing Relates to Defensive Principles

Enclave computing primarily relates to defensive principles through its primary purpose of promoting data integrity and security, including the effective reduction of the threats associated with the cyber-attacks (Bahill, & Madni, 2017). Besides, this is attributed to the fact that both defensive principles and enclave computing aim at serving the same purpose of protecting valuable information and data.

The Computing Boundary Defense

The computing boundary defense is regarded as the company’s first line related to the protection against external threats. It primarily focuses on effective monitoring and control of the flow of data from and into the enclave. Consequently, the computing boundary defense effectively accomplishes its essential purpose by ensuring the adherence to some of the control measures, including firewalls, VPN (Virtual Private Networks), and guards upon the remote users (Bahill, & Madni, 2017). Moreover, the firewall ensures the computing boundary defense’s effectiveness by safeguarding the internal systems of information against external attacks.

The Various Environments the Databases Will Be Operating In, Including the Applicable Security Policies

The databases will majorly operate in the personal, client-server, as well as the distributed computing environments. Besides, within the environment of personal computing, there exists a single system of a computer. All the processes of the system exist on the computer and are consequently executed there. Furthermore, in the client-server computing environment, the client or customer makes requests, and the server, therefore, provides the requested resource (Harrington, 2016). The distributed computing environment within which the databases will operate in contains several nodes that are separate physically but are connected through the use of a network. Moreover, some of the security policies that may apply to the mentioned computing environments include system, data, user security policies.

The Defensive Database Methods

The Threats and Risks Associated with The Database

Some of the threats and risks related to the database include injections, neglected databases, as well as malware. Besides, injection is a prevalent vulnerability attack of the database security, which exploits the weakness of web software to facilitate malicious activities like account impersonation (Mousa et al., 2020). Moreover, malware is another potential risk or threat that can negatively affect various devices and result in illegitimate access to confidential or sensitive data without the owners’ consent. Also, neglect of databases or the absence of back-up storage media protection is another potential threat related to database security.

Possible Recommendations to The Identified Threats

The HDO (Health Database Organization) should implement the new advanced software-oriented defenses that protect the database from malware and viruses, including other potential threats to database security (Mousa et al., 2020). Also, viable security rules and policies should be established and effectively implemented to reduce the preventable security risks associated with the database. For instance, the security policies that discourage the neglect of the databases.

Requirement Statement for System Structure

For a web interface to effectively enable healthcare providers and patients to modify, view, or update their databases, there must be a clear and explicit security policy established within the web interface system. Moreover, for the web interface to enable integrated data access across several systems, access to the system’s information has to be mediated depending on the identification of the relevant user (Bahill, & Madni, 2017). Also, to effectively avoid data exfiltration via external media, there have to be software and hardware mechanisms that hinder data exfiltration. For example, the use of software that detects and prevents malicious theft of data.

The Operating System Security Components

Requirements Regarding the Segmentation By Operating System Rings

One of the requirements regarding the segmentation by the rings of the operation system is the use of mechanisms established to prevent segmentation violations and enhance memory safety (Bahill, & Madni, 2017).  The programming language such as Java should utilize a garbage collection mechanism to effectively avoid specific categories of memory errors, which can result in a segmentation violation.

A Process That Could Violate Segmentation Mechanism

One of the processes that can result in the violation of the segmentation mechanism is malicious mobile code (Bahill, & Madni, 2017). It may refer to any software established to intentionally modify the systems of the computer without the operator’s or owners’ consent.

Requirement Statements That Encompass A TPM (Trusted Platform Module)

The TPM (Trusted Platform Module) has to incorporate several physical security mechanisms for it to be tamper-resistant and prevent malicious software from tampering with its security functions.

Expected Security Gain from Incorporating TPM

The expected security benefit from integrating the TPM is increased authentication (Röpke & Holz, 2016). Besides, this is attributed to the fact that PCR (Platform Configuration Registry) and passwords are the only means to restrict access to valuable information. Therefore, the TPM would effectively ensure that they are adequately authenticated.

Requirement Statements That Comply with The TCB (Trusted Computing Base)

The requirement statement that complies with the TCB standard would outline that authorization methods should encompass PCR values and passwords.

Examples of Components to Consider in the TCB

Some of the components that should be considered within the TCB include the kernel configuration files that control the operation of the system, including any program run with access rights or privilege to alter the files of configuration or kernel.

Requirements About How to Ensure Protection of The Components

The requirement statement related to how the components should be protected could outline that the methods or techniques of authorization/authentication should encompass PCR values, passwords, including the physical presence of the relevant computer user.

The Requirements for MILS (Multiple Independent Levels of Security)

Some of the requirements for the MILS (Multiple Independent Levels of Security) include non-bypassable, evaluatable, and tamperproof. Non-bypassable as a requirement implies that a component cannot utilize any other communication path and mechanisms of a lower level to bypass security monitor. Also, evaluatable, as another requirement, implies that any trusted or certified component may be evaluated or analyzed to the assurance level expected in relation to that component (Röpke & Holz, 2016). Additionally, tamperproof as another requirement for the MILS implies that the system monitors or controls the “modify” rights to the monitor code of security, data, and configuration: hindering unauthorized changes.

Definitions and Stipulations for Cybersecurity Models

The definitions, as well as stipulations regarding the models of cybersecurity, encompasses Biba Integrity, Bell-LaPadulla, and Chinese Wall models, as subsequently outlined in this RFP.

The Biba Integrity Model

The Biba Integrity is regarded as the formal transition system of a state, associated with the security policy of computers, which outlines the access control policies established to ensure adequate data integrity(Röpke & Holz, 2016). Besides, one of the stipulations associated with Biba Integrity is that a subject at a particular level of clearance cannot read or comprehend data at the lower categorization. As a result, this hinders subjects from illegal access to information at the level of lower integrity.

Limitations of The Utilization of The Biba Integrity Model

One of the limitations of the utilization of the model is that it does not enforce confidentiality (Röpke & Holz, 2016). Also, the model does not support the revocation and granting of the authorization.

The Bell-LaPadulla Model

The Bell-LaPadulla model is considered the official state transition approach associated with the computer security rule or policy that outlines access control policies or regulations that utilize security labels upon objects, including clearance regarding subjects (Röpke & Holz, 2016). Moreover, one of the stipulations related to the Bell-LaPadulla is that a subject within any given security level cannot read or comprehend an object within the level of higher security.

Limitations of The Utilization of The Bell-LaPadulla

One of the limitations related to the use of the Bell-LaPadulla is that it does not have policies or rules for changing or modifying the control of access data (Röpke & Holz, 2016). Another limitation is that the model is designed for systems with levels of static security.

The Chinese Wall Model

The Chinese Wall Approach or Model is considered a security ideal that focuses on confidentiality and establishes its utilization within the commercial environment (Röpke & Holz, 2016). Furthermore, one of the Chinese Wall’s stipulations is that access can be granted to the object if it belongs to a similar company set.

Limitations of The Chinese Wall Model

One of the limitations regarding the utilization of the Chinese Wall is that its application is too rigid since it relies on mandatory policies (Röpke & Holz, 2016). For example, the strict use of the no inquiry principles outlined by the Chinese Wall may be very restrictive in several circumstances.

Requirements for Addressing Insecure Data Handling

One of the requirements for addressing the insecure data handling is that only designated workforce should have authorized access to sensitive data or media (Röpke & Holz, 2016). Another requirement is that procedures and policies about how to handle sensitive data effectively should be effectively promulgated.

References

Bahill, A. T., & Madni, A. M. (2017). Discovering system requirements. In Tradeoff Decisions in System Design (pp. 373-457). Springer, Cham.

Dhirani, L., Newe, T., & Nizamani, S. (2016). Tenant-Vendor and Third-Party Agreements for the Cloud: Considerations for Security Provision. International Journal of Software Engineering and Its Applications, 10(12), 449-460.

Emeka, B. O. (2019). Integrating Functional and Security Requirements Analysis using SOFL for Software Security Assurance.

Harrington, J. L. (2016). Relational database design and implementation. Morgan Kaufmann.

Mohammad, N. (2019). A Multi-Tiered Defense Model for the Security Analysis of Critical Facilities in Smart Cities. IEEE Access, 7, 152585-152598.

Mousa, A., Karabatak, M., & Mustafa, T. (2020, June). Database Security Threats and Challenges. In 2020 8th International Symposium on Digital Forensics and Security (ISDFS) (pp. 1-5). IEEE.

Murga-Zamalloa, C., Polk, A., Hanel, W., Chowdhury, P., & Brown, N. (2019). Henry Ford Health System Scholarly Commons.

Röpke, C., & Holz, T. (2016). On network operating system security. International Journal of Network Management, 26(1), 6-24.