Operating and Database Systems

Operating systems and database systems are central software components for IT security, as they serve as infrastructure components or platforms on which other security measures are based. They are therefore of considerable importance for the security architecture. While operating systems provide the basic environment for software and are therefore crucial for the implementation of security policies, the importance of database systems lies in the management and storage of sensitive data. Accordingly, they are of central importance in terms of protecting this information from unauthorised access and data loss.

Operating systems (OS) and database management systems (DBMS) are susceptible to a variety of cyber risks. While attackers cause data loss in operating systems through unauthorised access and impair the availability and integrity of data communication, the risks in database systems are different. This is because they are susceptible to the infiltration of malicious commands in order to override access controls and authentication mechanisms as well as logging.

Securely developed operating systems ensure memory protection and isolation so that applications run in isolation and do not gain unauthorised access to the memory or resources of other applications. They also implement logging, monitoring, authentication and encryption mechanisms to further increase security.

Secure database systems (DBMS) with their database security functions are essential, especially in data-intensive applications. This is because they enable finely graded access control, role-based or attribute-based. In addition, there are functions such as encryption, data masking and anonymisation as well as audit and logging functions.