APU Hospital Database Security Analysis

Database assignment question for APU

Uploaded by Kazi Farhan

Database Security Group Assignment Page 1 of 4

CT069-3-3 - Database Security Assignment


Group Assignment Case Study

Introduction

APU Hospital is an established hospital in Bukit Jalil, Kuala Lumpur. It caters for
residents around the Klang Valley seeking medical treatment. The application developers
have completed the design and development of a medical database system to manage
APU Hospital's day-to-day operations, which include staff, patient, appointment and
medication details. Each user will be given a unique user ID and password to
connect to the database system and perform their tasks.

Your team of security experts has been appointed to evaluate the design, identify any
potential security-related issues and propose improvements to make the APU Hospital
database more secure. Refer to Appendix 1 for details on the initial database
implemented by the developers.

Requirements - General
1. Confidentiality, Integrity, Availability, Functionality and Usability of the DB
must be achieved at all times
2. Superadmin must be able to perform appropriate DDL (such as creating tables,
views, logins, users, encryption keys, etc.) and DML tasks to maintain a high level
of functionality, availability and security of this DB
3. Sufficient and suitable protection must be provided to protect all data from
accidental and intentional exposure or deletion without compromising
functionality and usability
4. All data and data changes must be traceable and recoverable including in the event
of complete DB failure or loss.
5. All users must be able to log into the MS-SQL system using SQL Server
Management Studio and perform their own tasks. Assume that all users have
sufficient knowledge of writing and running SQL queries in the query
window.
6. All activities by all users (including attempts to perform such activities) must be tracked.
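Requirements 4 and 6 map onto two built-in SQL Server features: SQL Server Audit (which also records actions that were attempted but denied) and the full recovery model with full, differential and log backups. The script below is an added example, not part of the assignment or the developers' initial script; the audit name, audit specification names and the file paths under C:\SQLAudit\ and C:\SQLBackup\ are assumptions.

```sql
-- Added example (not from the case study): audit and recoverability baseline.
-- HospitalAudit, the specification names and all file paths are assumed values.
USE master;
GO
-- Server-level audit target; keep serving if the audit file cannot be written.
CREATE SERVER AUDIT HospitalAudit
    TO FILE (FILEPATH = 'C:\SQLAudit\')            -- assumed path
    WITH (ON_FAILURE = CONTINUE);
GO
ALTER SERVER AUDIT HospitalAudit WITH (STATE = ON);
GO
-- Logins (successful and failed) and server-wide permission/role changes.
CREATE SERVER AUDIT SPECIFICATION HospitalServerAuditSpec
    FOR SERVER AUDIT HospitalAudit
    ADD (FAILED_LOGIN_GROUP),
    ADD (SUCCESSFUL_LOGIN_GROUP),
    ADD (SERVER_ROLE_MEMBER_CHANGE_GROUP),
    ADD (SERVER_PERMISSION_CHANGE_GROUP)
    WITH (STATE = ON);
GO
USE MedicalInfoSystem;
GO
-- Every SELECT/INSERT/UPDATE/DELETE attempt on the three tables by any principal
-- (public), plus DDL and permission changes inside the database. A denied attempt
-- is written with succeeded = 0, which covers "attempt to do such activity".
CREATE DATABASE AUDIT SPECIFICATION HospitalDbAuditSpec
    FOR SERVER AUDIT HospitalAudit
    ADD (SELECT, INSERT, UPDATE, DELETE ON dbo.Staff BY public),
    ADD (SELECT, INSERT, UPDATE, DELETE ON dbo.Patient BY public),
    ADD (SELECT, INSERT, UPDATE, DELETE ON dbo.AppointmentAndDiagnosis BY public),
    ADD (SCHEMA_OBJECT_CHANGE_GROUP),
    ADD (DATABASE_PERMISSION_CHANGE_GROUP),
    ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP)
    WITH (STATE = ON);
GO
-- Superadmin reads the trail back: who did what, to which object, and whether it was refused.
SELECT event_time, server_principal_name, action_id, succeeded, object_name, statement
FROM sys.fn_get_audit_file('C:\SQLAudit\*.sqlaudit', DEFAULT, DEFAULT)
ORDER BY event_time DESC;
GO
-- Requirement 4: full recovery model keeps the log chain, so the database can be
-- restored to a point in time; then a full, a differential and a log backup.
ALTER DATABASE MedicalInfoSystem SET RECOVERY FULL;
BACKUP DATABASE MedicalInfoSystem
    TO DISK = 'C:\SQLBackup\MedicalInfoSystem_full.bak' WITH INIT, CHECKSUM;
BACKUP DATABASE MedicalInfoSystem
    TO DISK = 'C:\SQLBackup\MedicalInfoSystem_diff.bak' WITH DIFFERENTIAL, CHECKSUM;
BACKUP LOG MedicalInfoSystem
    TO DISK = 'C:\SQLBackup\MedicalInfoSystem_log.trn' WITH CHECKSUM;
GO
```

The audit specifications use `BY public` so that no user, including the superadmin, is exempt; the `succeeded` column in the audit file is what distinguishes a completed action from a denied attempt. Backups should be copied off the server after they are written, otherwise a complete loss of the machine also loses the means of recovery.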

Requirements – Staff Table


7. There are 2 positions of staff: doctors and nurses
8. Staff must be able to see their own details in full and in plain text form, no matter
how they are stored in the DB
9. Staff must be able to update and verify their own details in full
10. All authenticated users must be able to see all staff names and office phone
numbers only
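Requirement 8 implies that the sensitive Staff columns can be stored encrypted as long as the owner still sees plaintext. The script below is an added example, not part of the assignment or the developers' initial script: it stores HomeAddress and PersonalPhone as ciphertext under a symmetric key, and exposes them only through procedures that run as the table owner and filter on the caller's login (the appendix states that StaffID equals the login name). The key, certificate, procedure and role names, and the placeholder master key password, are assumptions.

```sql
-- Added example (not from the case study): column encryption for the Staff table.
-- StaffCert, StaffKey, StaffRole, the procedure names and the password are assumed.
USE MedicalInfoSystem;
GO
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'ReplaceWithStrongPassword!';   -- placeholder
CREATE CERTIFICATE StaffCert WITH SUBJECT = 'Key protector for Staff sensitive columns';
CREATE SYMMETRIC KEY StaffKey WITH ALGORITHM = AES_256 ENCRYPTION BY CERTIFICATE StaffCert;
GO
-- Ciphertext columns replace the plaintext ones (assumed schema change).
ALTER TABLE dbo.Staff ADD HomeAddressEnc varbinary(MAX), PersonalPhoneEnc varbinary(MAX);
GO
OPEN SYMMETRIC KEY StaffKey DECRYPTION BY CERTIFICATE StaffCert;
UPDATE dbo.Staff
   SET HomeAddressEnc   = ENCRYPTBYKEY(KEY_GUID('StaffKey'), HomeAddress),
       PersonalPhoneEnc = ENCRYPTBYKEY(KEY_GUID('StaffKey'), PersonalPhone);
CLOSE SYMMETRIC KEY StaffKey;
ALTER TABLE dbo.Staff DROP COLUMN HomeAddress, PersonalPhone;
GO
-- Req 8: own row in plaintext. EXECUTE AS OWNER lets dbo open the key, so staff
-- never receive key or certificate permissions; ORIGINAL_LOGIN() is still the caller.
CREATE PROCEDURE dbo.GetMyStaffDetails
WITH EXECUTE AS OWNER
AS
BEGIN
    SET NOCOUNT ON;
    OPEN SYMMETRIC KEY StaffKey DECRYPTION BY CERTIFICATE StaffCert;
    SELECT StaffID, StaffName, OfficePhone, Position,
           CONVERT(varchar(200), DECRYPTBYKEY(HomeAddressEnc))   AS HomeAddress,
           CONVERT(varchar(20),  DECRYPTBYKEY(PersonalPhoneEnc)) AS PersonalPhone
    FROM dbo.Staff
    WHERE StaffID = ORIGINAL_LOGIN();
    CLOSE SYMMETRIC KEY StaffKey;
END;
GO
-- Req 9: own row updated through the same path, so new values are re-encrypted.
CREATE PROCEDURE dbo.UpdateMyStaffDetails
    @StaffName varchar(100), @HomeAddress varchar(200),
    @OfficePhone varchar(20), @PersonalPhone varchar(20)
WITH EXECUTE AS OWNER
AS
BEGIN
    SET NOCOUNT ON;
    OPEN SYMMETRIC KEY StaffKey DECRYPTION BY CERTIFICATE StaffCert;
    UPDATE dbo.Staff
       SET StaffName        = @StaffName,
           OfficePhone      = @OfficePhone,
           HomeAddressEnc   = ENCRYPTBYKEY(KEY_GUID('StaffKey'), @HomeAddress),
           PersonalPhoneEnc = ENCRYPTBYKEY(KEY_GUID('StaffKey'), @PersonalPhone)
     WHERE StaffID = ORIGINAL_LOGIN();
    CLOSE SYMMETRIC KEY StaffKey;
END;
GO
-- Req 10: name and office phone for every authenticated user, nothing else.
CREATE VIEW dbo.vStaffDirectory AS
SELECT StaffName, OfficePhone FROM dbo.Staff;
GO
CREATE ROLE StaffRole;
GRANT EXECUTE ON dbo.GetMyStaffDetails    TO StaffRole;
GRANT EXECUTE ON dbo.UpdateMyStaffDetails TO StaffRole;
GRANT SELECT  ON dbo.vStaffDirectory      TO public;
-- No GRANT on dbo.Staff itself: the table is reachable only through these objects.
GO
```

Because nobody outside the superadmin has SELECT on dbo.Staff, a staff member who queries the table directly in SSMS gets a permission error, and someone who somehow reads the raw columns sees only ciphertext. The two procedures are the only path to plaintext, and each is pinned to the caller's own row.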

Requirements – Patient Table


11. Patients must be able to see their own details in full and in plain text form, no
matter how they are stored in the DB
12. Patients must be able to update and verify their own details in full
13. Nurses and doctors must be able to see all patients' names and phone numbers
14. Only nurses can update patient name and phone
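Requirements 11 to 14 combine a row restriction (a patient sees one row) with a column restriction (nurses and doctors see two columns of every row, and only nurses may write them). On SQL Server 2016 or later this is row-level security plus column-level GRANTs. The script is an added example, not part of the assignment or the developers' initial script; the role names, the Security schema, the policy name and the sample patient login P00001 are assumptions. It relies on the appendix convention that PatientID equals the login (and therefore user) name.

```sql
-- Added example (not from the case study): RLS + column permissions on Patient.
-- PatientRole/NurseRole/DoctorRole, the Security schema and P00001 are assumed.
USE MedicalInfoSystem;
GO
CREATE ROLE PatientRole;
CREATE ROLE NurseRole;
CREATE ROLE DoctorRole;
GO
CREATE SCHEMA Security;
GO
-- Filter predicate: a patient matches only the row whose PatientID is their own user
-- name; nurses, doctors and db_owner pass for every row. What those roles may read
-- of each row is narrowed separately by the column-level grants below.
CREATE FUNCTION Security.fn_PatientFilter(@PatientID varchar(6))
RETURNS TABLE
WITH SCHEMABINDING
AS RETURN
    SELECT 1 AS fn_result
    WHERE @PatientID = USER_NAME()
       OR IS_MEMBER('NurseRole')  = 1
       OR IS_MEMBER('DoctorRole') = 1
       OR IS_MEMBER('db_owner')   = 1;
GO
-- The same predicate as a block predicate stops a patient from re-pointing their
-- row at someone else's PatientID during an update.
CREATE SECURITY POLICY Security.PatientPolicy
    ADD FILTER PREDICATE Security.fn_PatientFilter(PatientID) ON dbo.Patient,
    ADD BLOCK  PREDICATE Security.fn_PatientFilter(PatientID) ON dbo.Patient AFTER UPDATE
    WITH (STATE = ON);
GO
-- Req 11/12: patients read and update the table; RLS reduces it to their own row.
GRANT SELECT, UPDATE ON dbo.Patient TO PatientRole;
-- Req 13: nurses and doctors see name and phone only. A doctor running
-- SELECT * fails, because HomeAddress is not in the column list.
GRANT SELECT (PatientID, PatientName, Phone) ON dbo.Patient TO NurseRole, DoctorRole;
-- Req 14: only nurses may write those two columns; doctors get no UPDATE at all.
GRANT UPDATE (PatientName, Phone) ON dbo.Patient TO NurseRole;
GO
-- Provision one patient (constructed sample ID; password is a placeholder).
CREATE LOGIN P00001 WITH PASSWORD = 'ReplaceWithStrongPassword!';
CREATE USER  P00001 FOR LOGIN P00001;
ALTER ROLE PatientRole ADD MEMBER P00001;
GO
-- Check as that patient: only the P00001 row comes back, with all columns.
EXECUTE AS LOGIN = 'P00001';
SELECT PatientID, PatientName, Phone, HomeAddress FROM dbo.Patient;
REVERT;
GO
```

The db_owner clause in the predicate is deliberate: without it the superadmin would also be filtered, and requirement 2 (DDL and DML maintenance by the superadmin) would silently break. Column-level permissions and RLS compose: the filter decides which rows exist for the caller, the grant decides which columns of those rows may be named in a query.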

Requirements – AppointmentAndDiagnosis Table


15. Only nurses can add or cancel appointments for patients to see a doctor
16. Nurses can cancel an appointment or update the appointment datetime, but only if
the doctor has not added any diagnosis details
17. Doctors can only add diagnosis details after an appointment is scheduled.
18. Patients must be able to see all their own diagnosis records, including appointment
datetime, doctor name and diagnosis details
19. Doctors must be able to see ALL patients' diagnosis details
20. A doctor must be able to update diagnosis details added by him/her only
21. Nurses must not be able to see diagnosis details
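Requirements 15 to 21 are partly static (who may touch which column) and partly conditional (a nurse may change a row only while it carries no diagnosis; a doctor may write only into their own appointment). The static part is column-level GRANT and DENY; the conditional part needs a trigger, because permissions cannot look at row contents. The script is an added example, not part of the assignment or the developers' initial script; it assumes the roles NurseRole, DoctorRole and PatientRole already exist, that DoctorID and PatientID equal the corresponding user names (the appendix convention), and the trigger, view and error numbers are assumed names.

```sql
-- Added example (not from the case study): rules for AppointmentAndDiagnosis.
-- Roles NurseRole/DoctorRole/PatientRole, trg_AppointmentRules and vMyDiagnoses are assumed.
USE MedicalInfoSystem;
GO
-- Req 15: only nurses create or cancel appointments.
GRANT INSERT, DELETE ON dbo.AppointmentAndDiagnosis TO NurseRole;
-- Req 16: nurses may change the datetime column only.
GRANT UPDATE (AppDateTime) ON dbo.AppointmentAndDiagnosis TO NurseRole;
-- Req 21: nurses may read the scheduling columns but never DiagDetails.
-- A DENY wins over any later GRANT, so a careless "GRANT SELECT" cannot undo it.
GRANT SELECT (DiagID, AppDateTime, PatientID, DoctorID) ON dbo.AppointmentAndDiagnosis TO NurseRole;
DENY  SELECT (DiagDetails) ON dbo.AppointmentAndDiagnosis TO NurseRole;
-- Req 19/20: doctors read every row but may write only DiagDetails. With no INSERT,
-- a doctor can add a diagnosis only to a row a nurse has already scheduled (req 17).
GRANT SELECT ON dbo.AppointmentAndDiagnosis TO DoctorRole;
GRANT UPDATE (DiagDetails) ON dbo.AppointmentAndDiagnosis TO DoctorRole;
GO
-- Row-content rules that permissions cannot express.
CREATE TRIGGER dbo.trg_AppointmentRules
ON dbo.AppointmentAndDiagnosis
AFTER UPDATE, DELETE
AS
BEGIN
    SET NOCOUNT ON;
    -- Req 16: a nurse may not touch (update or delete) a row that already has a diagnosis.
    IF IS_MEMBER('NurseRole') = 1
       AND EXISTS (SELECT 1 FROM deleted WHERE DiagDetails IS NOT NULL)
    BEGIN
        ROLLBACK TRANSACTION;
        THROW 50001, 'Appointment already has a diagnosis; nurses cannot change or cancel it.', 1;
    END;
    -- Req 20: a doctor may write diagnosis details only on appointments assigned to them.
    IF IS_MEMBER('DoctorRole') = 1
       AND EXISTS (SELECT 1 FROM inserted WHERE DoctorID <> USER_NAME())
    BEGIN
        ROLLBACK TRANSACTION;
        THROW 50002, 'Doctors may update diagnosis details on their own appointments only.', 1;
    END;
END;
GO
-- Req 18: a patient sees their own records with the doctor's name resolved.
CREATE VIEW dbo.vMyDiagnoses AS
SELECT a.DiagID, a.AppDateTime, s.StaffName AS DoctorName, a.DiagDetails
FROM dbo.AppointmentAndDiagnosis a
JOIN dbo.Staff s ON s.StaffID = a.DoctorID
WHERE a.PatientID = USER_NAME();
GO
GRANT SELECT ON dbo.vMyDiagnoses TO PatientRole;
GO
```

The trigger checks the `deleted` image for the nurse rule (what the row looked like before the change) and the `inserted` image for the doctor rule (whose row is being written). Both rules roll back the whole statement, so a multi-row update that mixes allowed and forbidden rows is rejected in full rather than partially applied, and the rejection appears in the audit trail as a failed statement.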

Note: Do not make any assumption on your own. Clarify with me if you have any
doubts.

To Do (Assignment Requirements):
In this assignment you are required to:
• Form and work in a group of 3-5 members. Each member is required to participate in
all tasks. All work must be equally distributed among team members. Provide a
workload matrix giving details of the actual work done by each member.

• Implement COMPLETE and TESTED solutions to address ALL the requirements as listed above.
• Marks will be awarded based on the correctness, coverage and depth of your solution
and clarity of your documentation.

Deliverables
A. Implementation (40%)
• Provide complete SQL code/script to implement your solution to address the security
issues as identified by your group.
• Merge everyone’s script into a single SQL script file and submit to Moodle.
• This submitted code will be used when you perform the demo of your solution to me. No
additions or changes to the code will be allowed.
• The demo will be scheduled in the final 2 weeks of the semester (weeks 13 and 14).
• You will be challenged during the demo to run different sets of queries provided by
me to prove your solution is working and meeting ALL requirements.

B. Documentation (25%)
• Provide complete documentation (in PDF format) of your solution. Max 80 pages.
Font size 12, font type Times New Roman, line spacing 1.5.
• Include relevant code snippets in your documentation to explain your solution
wherever necessary.
• All solutions must be clearly categorised under one of these categories
(Permission Management, Data Protection & Recovery, and Auditing).
• All solutions must be adequately justified. Include test cases and results.
• Note: Clarify with me if you have any doubts.

Appendix 1 – Initial DB

Create Database MedicalInfoSystem;
Go

Use MedicalInfoSystem;
Go

Create Table Staff(
    StaffID varchar(6) primary key, -- same as login name
    StaffName varchar(100) not null,
    HomeAddress varchar(200) not null, -- highly sensitive data
    OfficePhone varchar(20),
    PersonalPhone varchar(20), -- sensitive data
    Position varchar(20)
);
Go

Create Table Patient(
    PatientID varchar(6) primary key, -- same as login name
    PatientName varchar(100) not null,
    Phone varchar(20), -- sensitive data
    HomeAddress varchar(200) not null -- highly sensitive data
);
Go

-- This table manages patient-doctor appointment and diagnosis details
Create Table AppointmentAndDiagnosis(
    DiagID int identity(1,1) primary key,
    AppDateTime datetime not null,
    PatientID varchar(6),
    DoctorID varchar(6),
    DiagDetails varchar(max) -- extremely sensitive data
);
Go
