IT Baseline Protection Manual S 2.131 Separation of administrative tasks for database systems

S 2.131 Separation of administrative tasks for database systems

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: IT Security Management, Administrators

Administrators need to be appointed in order to ensure the proper operation of database systems. In addition to general administrative tasks, these persons are responsible, in particular, for the management of users and related access rights. They are also responsible for fulfilling the security requirements of the database systems in use.

In addition to the safeguards mentioned in S 2.26 Designation of an administrator and his deputy and S 3.10 Selection of a trustworthy administrator and his substitute, particular attention must be paid to the following items where database systems are concerned.

In principle, a distinction must be made between two types of administrator roles: general technical database administration and application-specific administration.

These two types of administration tasks must be performed by different persons in order to separate application-specific and general administrative activities relating to the database.

Basic operation of the database management system, maintenance of data backups and archiving of data are examples of general technical database administration.

In contrast, the application-specific administration involves fulfilling the individual requirements which applications generate for the database. This includes, for example, management of the related database objects, providing users with support in the case of problems and queries, and management of database IDs. The latter activity is only possible if the management of the database IDs of each application is supported by the database software using an appropriate authorisation concept, i.e. if it can be separated from the general access control.

The general administrator configures the application-specific administrator accounts together with the related access rights. This includes, in particular, the right to create databases. In contrast, rights for individual users should be granted separately for each application-specific database, by the responsible application-specific administrator in each case.
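The division of rights described above, sketched as an added example that is not part of the original manual. It assumes PostgreSQL and the psql client (the manual names no product); the names orders_admin, orders_clerk, orders_db and rogue_user are hypothetical.

```sql
-- Added example: PostgreSQL, run in psql by the general administrator.
-- All role, database and table names are hypothetical.

-- Part 1: general technical administrator (for example the postgres superuser)
-- creates the application-specific administrator account. It may create
-- databases but is neither superuser nor allowed to create further roles.
CREATE ROLE orders_admin LOGIN CREATEDB NOSUPERUSER NOCREATEROLE;
-- In this sketch the general administrator also creates the user ID.
-- The ID receives no rights at this point.
CREATE ROLE orders_clerk LOGIN NOSUPERUSER NOCREATEDB NOCREATEROLE;

-- Part 2: application-specific administrator.
-- SET SESSION AUTHORIZATION stands in for orders_admin logging in with its
-- own credentials, which is what happens in production.
SET SESSION AUTHORIZATION orders_admin;
CREATE DATABASE orders_db;                         -- permitted by CREATEDB; orders_admin is the owner
REVOKE CONNECT ON DATABASE orders_db FROM PUBLIC;  -- remove the default grant to every role
GRANT CONNECT ON DATABASE orders_db TO orders_clerk;
RESET SESSION AUTHORIZATION;

\connect orders_db
SET SESSION AUTHORIZATION orders_admin;
CREATE SCHEMA orders;
CREATE TABLE orders.invoice (
    id     integer PRIMARY KEY,
    amount numeric(10,2) NOT NULL
);
-- User rights are granted per application database by its own administrator.
GRANT USAGE ON SCHEMA orders TO orders_clerk;
GRANT SELECT, INSERT ON orders.invoice TO orders_clerk;

-- Boundary check: the application-specific administrator must not be able
-- to perform general administration. This statement fails with a
-- permission error because orders_admin lacks CREATEROLE.
CREATE ROLE rogue_user LOGIN;
RESET SESSION AUTHORIZATION;

-- Review: every grant on the application's tables should list the
-- application-specific administrator as grantor.
SELECT grantor, grantee, table_name, privilege_type
FROM information_schema.table_privileges
WHERE table_schema = 'orders'
ORDER BY grantee, privilege_type;
```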

Additional controls:


© Copyright by
Bundesamt für Sicherheit in der Informationstechnik
July 1999