2010
Walmart 2.5 petabytes EMC
IDC 2007 Digital Universe 2012
1,800 exabyte
2010 2
The Economist's Special Report on Managing Information
data breaches
2012
Personally Identifiable Information
IDC estimates that the buying and selling of stolen and compromised identities has become a billion-dollar
industry.
surveillance
Gartner
DAMDAM
DBMSlog (separation of duties)
DAM DAM
DAM
regulatory compliance PCI-DSS, HIPAA, SOX
Database Audit
non-invasive
real-time, Non-Repudiation
- regulatory compliance
interoperability
IT
Audit Trail
a security-relevant chronological record, set of records, or destination and
source of records that provide documentary evidence of the sequence of activities that have affected at any
time a specific operation, procedure, or event
port, Protocol, SQL
network-based
agent-based
agent network-based agent-based
DBMS
Pipe/Bequeath
agent
footprint
high availability
information assurance
ajax
dashboard
User Experience
regulatory
compliance
n-tiered web
middle-ware
middle-ware
originator
web data mining, machine learning
correlation
audit trail
iMPERVA 2006 2009 US 7640235 - System and method for
correlating between HTTP requests and SQL queries
interoperability
iMPERVA 2006
2005
DAM
DAM
sql injection
insider abuse
anomaly detection
misuse detection
2011 mind map
audit trail
information governance
Defence in Depth
multi-layer
Blurkerlab Defense in Depth
Defense in Depth
insider abuse
DAM
Gartner 2011
Hype Cycle Hype Cycle
DAM, Trough of Disillusionment, Slope of Enlightenment
inflection point
Gartner DAM
DAM
Guardium
Defense in Depth
successive barriers
Information
Assurance
http://dx.doi.org/10.1016/j.ijcip.2008.08.001
R.B. Natan, Eight Steps to Holistic Database Security, IATAC IANewsletter, Spring 2010, pp. 34-35.
M. Nicolett and J. Wheatman, Overview: DAM Technology Provides Monitoring and Analytics With Less
Overhead, Gartner, Nov. 20, 2007. [Online]. Available: http://www.gartner.com/id=548614
C. Perrin, Understanding Layered Security and Defense in Depth, blog, 18 Dec. 2008;
http://www.techrepublic.com/blog/security/understanding-layered-security-and-defense-in-depth/703
L. Ponemon, Cost of a data breach climbs higher, blog, 8 Mar. 2011;
http://www.ponemon.org/blog/post/cost-of-a-data-breach-climbs-higher
B. von Solms and R. von Solms, The 10 deadly sins of information security management, Computers &
Security, vol. 23, no. 5, pp. 371-376, Jul. 2004. [Online]. Available:
http://dx.doi.org/10.1016/j.cose.2004.05.002
J. Wheatman, Ten Database Activities Enterprises Need to Monitor, Gartner, Apr. 20, 2010.
[Online]. Available: http://www.gartner.com/id=1361013
J. Wheatman, The Future of Database Activity Monitoring, Gartner, Jun. 22, 2010. [Online]. Available:
http://www.gartner.com/id=1389340
J. Wheatman and M. Nicolett, Database Activity Monitoring Market Overview, Gartner, Feb. 3, 2009.
[Online]. Available: http://www.gartner.com/DisplayDocument?ref=seo&id=873513
VerizonBusiness, Data Breach Investigation Report;
http://www.verizonbusiness.com/Products/security/dbir/