CUI

Documentation - V-233598

V-233598

Crunchy Data PostgreSQL Security Technical Implementation Guide

CAT II

Title

PostgreSQL must protect against a user falsely repudiating having performed organization-defined actions.

Description

Non-repudiation of actions taken is required in order to maintain data integrity. Examples of particular actions taken by individuals include creating information, sending a message, approving information (e.g., indicating concurrence or signing a contract), and receiving a message. Non-repudiation protects against later claims by a user of not having created, modified, or deleted a particular data item or collection of data in the database. In designing a database, the organi...

Fix Text (Documentation Requirement)

Note: The following instructions use the PGDATA and PGVER environment variables. See supplementary content APPENDIX-F for instructions on configuring PGDATA and APPENDIX-H for PGVER.

Configure the database to supply additional auditing information to protect against a user falsely repudiating having performed organization-defined actions.

Using "pgaudit", PostgreSQL can be configured to audit these requests. See supplementary content APPENDIX-B for documentation on installing pgaudit.

To ensure logging is enabled, review supplementary content APPENDIX-C for instructions on enabling logging.

Modify the configuration of audit logs to include details identifying the individual user:

First, as the database administrator (shown here as "postgres"), edit postgresql.conf:

$ sudo su - p...
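One way to verify the result of this fix, as an added example that is not part of the STIG text: the Python check below parses postgresql.conf content and reports whether pgaudit is preloaded and whether log_line_prefix records the connecting user. The REQUIRED policy and both sample configurations are constructed assumptions, since the STIG's own log_line_prefix value is not shown on this page.

```python
import re

# Assumed organization policy (not from the STIG): each item needs at least one
# of these real log_line_prefix escapes (%u user, %d database, %m/%t time, %r/%h client).
REQUIRED = {"user name": "u", "database": "d", "timestamp": "mt", "client host": "rh"}

# Constructed sample postgresql.conf contents.
SAMPLE_WEAK = """\
shared_preload_libraries = 'pg_stat_statements'
log_line_prefix = '%m [%p] '
"""
SAMPLE_OK = """\
#log_line_prefix = '%m'                      # commented out, ignored
log_line_prefix = '%m [%p] '                 # overridden by the later line
shared_preload_libraries = 'pg_stat_statements, pgaudit'
log_line_prefix = '%m [%p] user=%u db=%d host=%r '
"""

# name [=] value, where value is 'single quoted' ('' escapes a quote) or a bare token.
_SETTING = re.compile(r"^\s*([A-Za-z_][\w.]*)\s*=?\s*(?:'((?:[^']|'')*)'|([^\s#']+))")

def parse_conf(text):
    """Return {name: value}; names are case-insensitive and the last entry wins.
    Reads one file only: include directives and postgresql.auto.conf are not followed."""
    settings = {}
    for line in text.splitlines():
        m = _SETTING.match(line)
        if m:
            quoted, bare = m.group(2), m.group(3)
            settings[m.group(1).lower()] = bare if quoted is None else quoted.replace("''", "'")
    return settings

def prefix_escapes(prefix):
    """Escape letters used in a log_line_prefix; '%%' is a literal percent, '%-8u' is padded %u."""
    return {m.group(1) for m in re.finditer(r"%(?:-?\d+)?(.)", prefix)}

def audit_conf(text):
    """Return a list of findings; an empty list means the checks passed."""
    conf, findings = parse_conf(text), []
    libs = {lib.strip().strip('"').lower()
            for lib in conf.get("shared_preload_libraries", "").split(",")}
    if "pgaudit" not in libs:
        findings.append("pgaudit is not in shared_preload_libraries")
    # PostgreSQL's built-in default prefix applies when the setting is absent.
    used = prefix_escapes(conf.get("log_line_prefix", "%m [%p] "))
    for label, alternatives in REQUIRED.items():
        if not used & set(alternatives):
            findings.append(f"log_line_prefix lacks {label} (%{'/%'.join(alternatives)})")
    return findings

if __name__ == "__main__":
    for name, sample in (("weak", SAMPLE_WEAK), ("ok", SAMPLE_OK)):
        print(name, audit_conf(sample) or "pass")
```

To check a live instance, pass the contents of the postgresql.conf under PGDATA to audit_conf, and confirm the effective values separately with SHOW, since included files and ALTER SYSTEM settings can override the file.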
