{"title":"控制数据库管理员","authors":"G. W. Joseph, T. Engle","doi":"10.1080/19393559308551355","DOIUrl":null,"url":null,"abstract":"The data base administrator (DBA) function is an essential element of a properly operated data base system. Although the vast majority of DBAs maintain the highest ethical standards, it must be recognized that these individuals are commonly in a particularly powerful position with respect to the organization's information systems, possessing the ability to inflict significant harm. This article describes the typical functions of a DBA and the specific methods that a DBA could employ to manipulate an organization's data base for personal gain, for the gain of others, or for misdirected benefit to the organization itself. In addition, this article discusses a variety of internal control procedures that can be used to effectively mitigate the risk of such inappropriate activity. Finally, warning signs that may indicate an increased risk of inappropriate DBA activity are presented.","PeriodicalId":207082,"journal":{"name":"Inf. Secur. J. A Glob. Perspect.","volume":"68 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Controlling the Data Base Administrator\",\"authors\":\"G. W. Joseph, T. Engle\",\"doi\":\"10.1080/19393559308551355\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The data base administrator (DBA) function is an essential element of a properly operated data base system. Although the vast majority of DBAs maintain the highest ethical standards, it must be recognized that these individuals are commonly in a particularly powerful position with respect to the organization's information systems, possessing the ability to inflict significant harm. This article describes the typical functions of a DBA and the specific methods that a DBA could employ to manipulate an organization's data base for personal gain, for the gain of others, or for misdirected benefit to the organization itself. In addition, this article discusses a variety of internal control procedures that can be used to effectively mitigate the risk of such inappropriate activity. Finally, warning signs that may indicate an increased risk of inappropriate DBA activity are presented.\",\"PeriodicalId\":207082,\"journal\":{\"name\":\"Inf. Secur. J. A Glob. Perspect.\",\"volume\":\"68 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Inf. Secur. J. A Glob. Perspect.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1080/19393559308551355\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Inf. Secur. J. A Glob. Perspect.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/19393559308551355","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The data base administrator (DBA) function is an essential element of a properly operated data base system. Although the vast majority of DBAs maintain the highest ethical standards, it must be recognized that these individuals are commonly in a particularly powerful position with respect to the organization's information systems, possessing the ability to inflict significant harm. This article describes the typical functions of a DBA and the specific methods that a DBA could employ to manipulate an organization's data base for personal gain, for the gain of others, or for misdirected benefit to the organization itself. In addition, this article discusses a variety of internal control procedures that can be used to effectively mitigate the risk of such inappropriate activity. Finally, warning signs that may indicate an increased risk of inappropriate DBA activity are presented.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
