Project 5: Database Security Assessment
Step 7: Provide Operating System Security Components

In the previous step, you composed requirement statements regarding the system setup. In this step, you will provide the operating system security components that will support the database and the security protection mechanisms.

Read these resources on operating system security. Then:

  1. Provide requirements for segmentation by operating system rings to ensure processes do not affect each other.
  2. Provide one example of a process that could violate the segmentation mechanism. Ensure your requirement statements prevent such a violation from occurring.

Specify requirement statements that include a trusted platform module (TPM), in which a cryptographic key is supplied at the chip level. In those specifications:

  1. Describe the expected security gain from incorporating TPM.
  2. Provide requirement statements that adhere to the trusted computing base (TCB) standard.
  3. Provide examples of components to consider in the TCB.
  4. Provide requirements of how to ensure protection of these components, such as authentication procedures and malware protection.

Read the following resources to familiarize yourself with these concepts:

Include this information in the RFP.

In the following step, you will write requirements for levels of security.