Establish authorities and responsibilities for database

Part 1: Project Identification and Business Environment —
Address the following topics as they apply to your policy:
1. Establish authorities and responsibilities for database security management.
2. Develop operational and incident management procedures when security breaches are discovered.
3. Define personnel and procedures for daily administration and maintenance of security policies.
Part 2: Architecture and Operating System Considerations — 20 points
Address the following topics as they apply to your policy:
1. Define the architecture for your system. Does it use client server, web, or application servers? Given the architecture, elaborate on what methods will be used in your database to support this architecture. Consider the following elements in the formulation of your policy:
o Integration of DBMS security with client applications and operating systems
o Integration of DBMS security with network operations
o Integration of DBMS security with server operating systems
o Integration of DBMS security with web servers and application servers
2. Define requirements as they relate to database security. This includes, but is not limited to: connection pooling, proxies, application roles, file permissions, privileged accounts, password requirements, and other methods appropriate to your selection.
Part 3: User Accounts and Password Administration — 30 points
Address the following topics as they apply to your policy:
1. User administration
2. Password policies
3. Profile definitions and assignments. What is the criterion for assignment of a profile to an account?
Part 4: Privileges and Roles — 30 points
Address the following topics as they apply to your policy.
1. Security model selection
2. Roles, including privileged roles assignment and administration and role policies
3. System privileges
4. Object privileges