Databases are perhaps the most critical resource of an enterprise, and therefore it is of prime importance to secure them. Standard database products have access control interfaces for setting permissions on the defined tables and columns of the database. Such access control interfaces can allow, deny, or revoke permissions for a given user and for a given operation on each database table and column.
Databases are managed by database administrators (DBAs), who determine access control settings for the database by participating in the design and implementation of the applications using the database and/or by reviewing suggestions made by the application developer or provider. The DBA obtains knowledge of users, groups, roles, and applications accessing the database. This information is not always readily and easily available.
In any case, the access control settings are configured on the basis of perceived application behavior, i.e., the application is expected to access specific parts of the database for specific operations, and as such, the DBA chooses to apply relevant access control settings. This process is complicated, since database applications are typically huge, with many components developed by large teams. Thus, to consolidate all the features to focus access to parts of the database for specific operations is almost impossible. As a result, it is often the case that unnecessarily loose (open) access control settings are applied to the database to account for the various unknowns.
These loose access control settings give rise to concerns that malicious individuals are thereby able to access parts of the database that could have been protected without disturbing access by benign individuals (or applications). They are not prevented from doing so by conventional techniques, since said access is within the bounds of permissible access settings as originally configured by the DBA.
What is needed is a solution for ensuring that minimal access control settings are applied to the database, so that each application can continue to function as usual, while avoiding loose settings.