2-2. DB 覲伎

                               Preview

        覈                               碁伎

        螳       轟 DB螳 郁屋覃伎  一危 豢覓語  豈

      蠍一覿       92
     蟯KeyWord   蠏殊, 誤, Compliance

     豢豌危



      蠍一覦
                 Crypto Card蠍磯 誤蠏殊伎襭/誤 襭
      RoadMap



        蠍壱       焔レ 覓語 螳




                                  -0-            誤覯貉ろ 蟲′覲碁
DB覲伎
 螳
   一危磯ゼ れ 覲伎朱 覿 覲危誤 豌願 覦 蠍一
   豕蠏 蠍一一危, 螳語覲伎 譴 覦 Compliance讀螳襦 伎
   DB覲伎 蟲: 語/蠏狩旧/螳


 DB覲伎 覓語
     覲伎蟯襴 DB襯 覈襯願 DB蟯襴 覲伎 覈襯碁.
     DB Vendor襷 覲伎譴  螳螳
     郁, 企  覯譯覦 觜 
     覲伎螳 磯ジ Performance/觜螳 襷


 DB覲伎 蟯螻糾鴬

          Domain                                      蟯伎
  ろ語 蟯 螻糾鴬                  DDOS: String 牛 NW Daemon down
  (BOF, 壱)                   NW Daemon壱 覦 讌螻糾鴬: 語れ 豬曙, 企れ 覲
                                牛 危轟 曙
  語 襦語 螻糾鴬                   覲 覲: 語谿 谿 牛 讌 語
                              覦焔: 覃覈襴譯 れ襯  覦焔 れ
  SQL, Procedure Injection    SQL Injection: SQL覲, 貊, , BOF
                              Procedure Injection: Embedded SQL, Cursors, DBMS麹 れ


DB覲伎
 DB覲伎 蠍一 Domain

           Domain                                 蟯伎
   Authentication     れ 蟯襴
                      螳 語 : 豌伎語, 語, ID/password 
                      NW Daemonれ蟯襴, 蠍磯蓋 覲蟆
   Authorization     Public螻 ,  危襴貅伎 覲蟆 蟆
                     ろ 蟠 Revoke, Any螻 蟠 Revoke
   Access Control     DB Schema Design: Authorization螻ろ り
                      蠏殊企:MAC, DAC, RBAC
   Confidentiality    一危 誤(DBMS 旧 轟  襭)
                      °一危 誤(SSL/TLS)
   Backup/Recovery   Incremental/Full, 覦煙豈

   Audit              Trigger  譟一
                      DBMS螻 Audit Tool 伎(焔レ 螳 螻)

 襷/螻れ
       殊 App.轟 牛 豺願レ 譟( 覲伎螻 DB覲伎 讌 )
      IT Compliance 譯殊(螳語覲企慨碁 )
      螳譬 覲伎蠍磯  磯ゴ 焔レ襯 螻ろ 覦譯
      螳蠍磯レ DBMS Vendor 磯 蠍磯レ姶願 朱襦 螻糾鍵  覲 蠍磯リ規 

DB覲伎 襭 譬襯


                                      蠏殊 
   蟲覿                                                                         誤 
                   Sniffing 覦       Server Agent 覦        Gateway 覦

               矩慨旧螳 覯渚讌
 覲伎蠍磯                             玖ロ 覲伎 蠍磯 螻         玖ロ 覲伎 蠍磯 螻     玖ロ 覲伎 蠍磯 螻
               

                                                        DB覯  
                                                                          DB 覯 焔レ
               Agent 螳 れ讌    Agent れ襦 誤 DB 覯    伎 螳
                                                                           レ 譴
               覦                 焔レ レ 譴          Gateway 蟲煙 磯ジ
  ル                                                                     (5-10% 覿 )
               DB覯         Agent レ襦 誤         レ  覦 
                伎 螳                                                  苦誤 覦 語 
                                  豈 覩碁                 (伎 or Bypass)
                                                                          蟯襴 
                                                        苦 豌 蠍磯レ螻


               躯  螳螳 瑚係襾狩                           矩 H/W 豢螳     矩 H/W 豢螳 
  レ                             苦覯襷 Agent れ 
               襷 H/W 郁屋                               螳              螳


                                                        矩一危  
               苦一危 覈磯       苦壱           蟲燕 覦企,        苦覲牛誤 覦 DB 焔
 轟
               蟲 覦              蟲燕 覦               覲伎 覦 レ煙          螻  襷
                                                        一企



豢豌: DB Safer


DB蠏殊 襭 朱蠍磯


            語讌    語 谿 覦 れ螳 蟆所 蠍磯
  覦
            る語  蟠 れ 覦 谿 蠍磯
 蟠 
            覲  螳 覈轟企ゼ 


            SQL 覓 螳
 覈磯 覦
            ろ SQL覓/ろ螳//螳 覲 蟆 覦 豢
 企リ襴
             語 覦 ろ 覈轟 覲 企 蟯襴


 覲伎豈 蟯襴   危 豈れ 覦 覦



 蟆一蟯襴      譴 SQL 覈轟  / 轟(蟆一) 蠍磯


            一危磯伎 企 旧
 蠍壱           DBMS 牛 覈磯
            轟 Data, Field  Masking 蠍磯



DB覲伎 襭  蠏朱逢

 焔
   朱 讌 襷, 豌企 蠏覈 危語 炎概 Reference 豢
   蠏覈 危碁 覲 蠏 


 螳蟆
   BPR 朱 ろ 豕
   Master DB 覦 Virtual Identifier襯 伎 蟲


 伎/危
   螳螳 るる 襷 覈詩. (麹 Gateway 蠏狩旧)
   BPR 朱 襦語 覦 ろ 豕 螻殊 覲
   CTO, CSO襯 蠏轟朱 伎




2-3. DLP

                             Preview

           覈                        碁伎

           螳    蠍磯 一危 豢 螳/蠍磯/豢 谿 襭

       蠍一覿
     蟯KeyWord

      豢豌危



      蠍一覦
                 PC覦覯緒PC覲伎 襭DLP
      RoadMap



                 襭 螻  覓語 襷 螳 
           蠍壱
                 襷貅伎 豪讌 襷螻 蠍一 一レ 襾殊  蟆




DLP(Data Loss Prevention)
  螳
     PC 蠍一  蠍磯 一危郁 碁襦 覦豢 蟆  螳螻 蠍磯覃謂, 豈 磯
     豢 谿る 蟆 譯手鍵レ朱 蟲 襭
  覿螳覦郁化
    蠍一ヾ PC覲伎襭 螻
    螳語覲企慨碁  Compliance 螳
  螳蟲焔 覦 蠍磯
    螳蟲焔
            Data Classification     Content Tracking                Data Loss Prevention
          (Enforce Tagging Rules)    (Maintain Tags)               (Enforce Reaction Rules)



                      覯 覲旧
                        一危                                      Emails
                                    Endpoint
                                    DLP語ろ碁 覲 襭螳                襦
                        襦貉          覲蟆暑蟇磯 覃 覲               (豪, )
                     危襴貅伎       企 讌 覲危
                      焔 一危       蠍磯レ 螻牛.

                                      企 覲蟆
                                       覃 覲蟆                   語
                                るジ 覓語襦 伎 覲旧
                     焔 覓語         覓語襯 豢(Zip)
                                      覓語 誤(Encryption)     Removable media




DLP(Data Loss Prevention)
    蠍磯

          蟲覿                                     蠍磯
                   豺 覲 覿襯  殊覯 轟启
                 Contents 磯ジ 覿襯  れ, 螻豺 
      Data 覿襯      磯ジ 覿襯  レ, 危襴貅伎
                 Fingerprint
                 蟯襴  覲牛 蠍一 覿襯
                 USB 覃覈襴  覈 覓朱Μ レ
                 覿襯 炎 磯ジ 碁 覲旧
                 語 覈磯  谿
                 覲旧 & 覿 j鍵 覃 貂′
     Data 豢覦讌   覃 企殊伎誤碁ゼ 牛 豢 谿
                 ろ語 危襴貅伎 牛 豢 覦讌
                  螻 ろ語 蟆暑谿
                  觚殊一襯 牛  ろ 谿
                 碁  覃  谿
                 Forensic 襦蠏 覦 覿
      螳 覲
                 豢  讀蟇磯 讌 (Automatic Evidence Collection)
                 れ螳 蟆所 (POP-UP MESSAGE)
          蠍壱     Bypass 旧
                 豈  れ




DLP(Data Loss Prevention)
    旧蠍磯レ Data 覿襯蠍磯 譬襯



            By location       殊覯, 轟 启, 螻旧 殊企, PC



                              れ, 蠏(譯朱朱, 覲伎ル )
            By content
                              thresholds(ex: 譯朱朱 100螳 伎)


            By file-type      轟 危襴貅伎覲 一危(doc, xls, SAP,
                               BusinessObjects)
                              Third Party レ牡螻 譴

            By fingerprint    Hash螳 伎 digital signature
                              豌企 蟲覦 

   螻れ
    蠍一ヾ 覲伎 Policy 蟯螻, End User蟆所骸 譟壱
    襭 螻 覦 蠍磯譴 れ
    れ 螻 覓語


Access Control
&
Authentication
Authorization
Accounting




3-1. MAC/DAC/MLS

                                   Preview

        覈                                    碁伎

        螳       蠍壱 蠏殊 覈

      蠍一覿
     蟯KeyWord   Secure OS

     豢豌危       http://www.kangho.com/exploit/SEC/2-acessControl.html



      蠍一覦
      RoadMap



                 蠍壱 螳讌 蠏殊 覈語  谿 覦朱 豈
        蠍壱
                 蟆 蟇一 .




MAC/DAC/MLS

 MAC (Mandatory Access Control)
    襴: 譯殊牡 瑚 企, 螳豌企 覿襯 炎(覩手 企)  蠏狩螳 蟆一
        譯殊牡 蠏碁9/覃碁 螳
        瑚>覿襯: Access
        瑚<覿襯: Deny
    蟯襴  譴蟯襴(DAC 觜 一煙 伎)
        蟲磯  覲旧′/觜 覩手讌  螻褐 
    : BLP(Bell-LaPadula)覈, Biba覈, MLS
        Linux(Suse Linux, SELinux..)
        Vista/Server2008
        FreeBSD


 DAC (Discretionary Access Control)
    覲伎蟯襴/螳豌伎螳 豌譯殊牡  磯 蠏手 蟆一
        : 語DB 蠏手 語螳覦 蟆一覃 語蟯覿 read蟠, 
          襾語 覿 蠏殊 覿.
    Access Matrix(Capability List, ACL)覈, Take-Grant覈, Action-Entity覈

  覿襯 炎 : public, confidential, secret, top secret
  覲伎 豬蠍 螳 朱襖 : 語覲 企  Secret 伎 炎 


MAC/DAC/MLS

 MLS (Multi-Level Security)
      譯殊牡/螳豌企 襦語, , , 碁  貉危一 蟲覿 螳ロ 覈 蟆 企豪
      蟲覿 蟲螳 蟆一
      DAC/MAC   蠍   朱Μ 覈 願屋 螳
      http://www.centos.org/docs/5/html/Deployment_Guide-en-US/sec-mls-ov.html




            No Read Up, No Write Down
               No Read up: Confidentiality 讌 覈
               No Write Down: Integrity 讌 覈




3-2. RBAC

                                   Preview

        覈                                    碁伎

        螳       螳 朱朱 螻  蠏殊 覈

      蠍一覿       92
     蟯KeyWord   一危 豢

      豢豌危      http://www.kangho.com/exploit/SEC/2-acessControl.html



      蠍一覦
      RoadMap



        蠍壱




RBAC (Role Based Access Control)

  螳
    蟆 覿  蠏手碓 蠏狩旧襯 れ 覦覯
    蠍一ヾ 蠏殊 覈語 覿 豢覦
        MAC: 炎 れ 覈誤 蟆曙一 覿螳
        DAC: 蟠, 蟯襴煙 螳 



                    2. 覦一                      1. 覦一
        (U)                      (R)                  蟠(P)




                      語(S)

                                              Object
                    3. Access


  RBAC  轟
      蟯襴 , 螳, Least Privilege 蟲 螳
      覓企襴: 瑚 螳
      Data 豢: OS RWED 豢 螳(蠍, 豢蠍 )
      螳豌企襯: 覓伎 磯 覿襯, 蟠 蟲 螳



RBAC (Role Based Access Control)

  RBAC 
    SW 蟇一 覿覿
    DBMS, OS, CORBA
    Web 蠍磯 Application 覦蟆 
  RBAC 蟲 

        USER           ROLE             Permission      覦一

       U1: IRON       R1: Admin             R           U1 : R1

                      R2: Owner             W

                                            D




3-3. AAA

                                Preview

           覈                               碁伎
                 覲伎 蠍磯蓋蠍磯レ朱  旧 AAA螳  語ろる 豌企
           螳
                 螳 

       蠍一覿
     蟯KeyWord   Radius, Diameter (豕覩 AAA蠍一)

      豢豌危



      蠍一覦
                 /觜襤逸覲旧/襤/蠍一蟆暑 
      RoadMap



           蠍壱




AAA(Authentication/Authorization/Accounting)

  螳
        醐觜り覿螻手/螳
      覲伎 蠍磯蓋, 觜/旧  瑚讌 譴 螳讌 伎 覦 
  譯殊 蠍磯
      Authentication: 語 蟲 轟 讀覈, id/password/豈語/Smart Card 
      Authorization:  蟲 覿 蟆一
      Accounting:  伎 Audit
  譯殊 語 襦貊
      Radius
         UDP蠍磯, C/S, 覲 
         覲伎/Fail Over蠍磯 渚
         螻手    螳
      TACACS+
         TCP蠍磯, CISCO, C/S
         覲伎螳, CISCO NW蠍郁鍵 語 譯朱 
      Diameter
         TCP/SCTP蠍磯, P2P
         覲伎螳 (IPSEC/TLS), 一企 レ
         Mobile IP(Roaming), Fail Over, 覃讌 豌襴蠍磯 レ




AAA(Authentication/Authorization/Accounting)

  AAA 
      AAA襭: ISP譯殊 
      朱 : 朱 SW覲伎, IAM/EAM  螳濠
  ロ襷
      IPv6觜, Radius
      Diameter襦 螳豌 (螻手/覲伎/802.1x/NASRAQ/EAP/PKI讌  蠍磯 覿)
  Diameter

     Cellular               ACR          Diameter      れ AAA觜
                   RAS
     Phone

                                         Diameter base   襦貊 蟲譟一 
    Fixed Phone
        VoIP             螳譬 GW           覿♀豸
     Set-top Box


                            Peer1              Peer2




120515 security framework2.20
