CCC Data Warehouse
A data warehouse is a centralized repository designed to store, manage, and analyze large volumes of data from various sources.
Release Details
Version:
DEV
Assurance Level:
Release Manager:
DB
Development Build
Contributors
DT
Development Team
Change Log
- Development build - no formal changelog available
Capabilities
| ID | Title | Description | Threat Mappings |
|---|---|---|---|
| CCC.DataWar.F01 | Centralized Data Repository | Acts as a centralized repository where data from various sources is consolidated, making it easier to manage and analyze large volumes of data. | 1 |
| CCC.DataWar.F02 | Optimized Query Performance | Handles complex queries on large datasets efficiently using techniques such as indexing and partitioning. | 1 |
| CCC.DataWar.F03 | Scalability | Ability to scale with growing data volumes and handle multiple queries simultaneously without compromising the performance. | 1 |
| CCC.DataWar.F04 | Column Storage | Stores data in columns rather than rows for efficient data retrieval. | 0 |
| CCC.DataWar.F05 | SQL Based Querying | Supports SQL based querying on the data sets with specific enhancements and optimization for data warehousing. | 0 |
| CCC.DataWar.F06 | Data Types | Ability to store processed structured and semi-structured data optimized for querying and analysis. | 0 |
| CCC.DataWar.F07 | Massively Parallel Processing (MPP) | Distributes queries across multiple nodes for increased performance. | 0 |
| CCC.DataWar.F08 | Materialized Views | Ability to store results of a query into physical tables for faster data retrieval and improved query performance for complex queries. | 0 |
| CCC.DataWar.F09 | Column-Level Security | Allows setting access policies at the column level to restrict access to sensitive data fields within tables. | 0 |
| CCC.DataWar.F10 | Row-Level Security | Enables setting access policies at the row level to control access to subsets of data within a table based on user roles. | 0 |
| CCC.DataWar.F11 | Integration with Data Sources | Seamless integration with various data sources such as object storage, relational and non-relational databases, data streams and data lakes. | 0 |
| CCC.DataWar.F12 | Integration with ETL | Integration with services that perform extract, transform and load data from various sources into the data warehouse. Unstructured data in transformed to structured or semi-structured data before ingestion to the data warehouse using ETL tools. | 0 |
| CCC.DataWar.F13 | Integration with ML | Build-in integration with machine learning services for enhanced processing of large volumes of complex data with ML models for predictive analytics, automated insights and more. ML can be used in data cleansing and transformation for improved data quality as well. | 0 |
| CCC.DataWar.F14 | Real-time Metrics Publication | Ability to continuously track and analyze data as it is ingested, processed and stored to ensure data quality, operational efficiency, scalability and security. | 0 |
| CCC.DataWar.F15 | Cross-Region Replication | Ability to replicate data to multiple regions for high availability, disaster recovery and low-latency access. | 0 |
| CCC.DataWar.F16 | View Creation and Access | Supports the creation of views (can be logical or material) to abstract and simplify access to underlying data. Views can be created with custom queries to expose subsets of data. These views are accessible by users and applications with appropriate permissions. | 0 |
| CCC.Core.F01 | Encryption in Transit Enabled by Default | The service automatically encrypts all data using industry-standard cryptographic protocols prior to transmission via a network interface. | 0 |
| CCC.Core.F02 | Encryption at Rest Enabled by Default | The service automatically encrypts all data using industry-standard cryptographic protocols prior to being written to a storage medium. | 0 |
| CCC.Core.F03 | Access Log Publication | The service automatically publishes structured, verbose records of activities performed within the scope of the service by external actors. | 3 |
| CCC.Core.F04 | Transaction Rate Limits | The service can throttle, delay, or reject excess requests when transactions exceed a user-specified rate limit, and always provides industry-standard throughput up to that limit. | 1 |
| CCC.Core.F06 | Access Control | The service automatically enforces user configurations to restrict or allow access to a specific component or a child resource based on factors such as user identities, roles, groups, or attributes. | 1 |
| CCC.Core.F07 | Event Publication | The service automatically publishes a structured state-change record upon creation, deletion, or modification of data, configuration, components, or child resources. | 2 |
| CCC.Core.F08 | Data Replication | The service automatically replicates data across multiple deployments simultaneously with parity, or may be configured to do so. | 2 |
| CCC.Core.F11 | Backup | The service can generate copies of its data or configurations in the form of automated backups, snapshot-based backups, or incremental backups. | 1 |
| CCC.Core.F12 | Recovery | The service can be reverted to a previous state by providing a compatible backup or snapshot identifier. | 1 |
| CCC.Core.F14 | API Access | The service exposes a port enabling external actors to interact programmatically with the service and its resources using HTTP protocol methods such as GET, POST, PUT, and DELETE. | 1 |
| CCC.Core.F19 | Resource Scaling | The service may be configured to scale child resources automatically or on-demand. | 1 |
Threats
| ID | Title | Description | External Mappings | Capability Mappings | Control Mappings |
|---|---|---|---|---|---|
| CCC.DataWar.TH01 | Unauthorized Public Access to Datasets | Datasets may be unintentionally made publicly accessible, either at the dataset level or via IAM policies, allowing unauthorized users to read or modify sensitive data, leading to data breaches and compliance violations. | 1 | 1 | 0 |
| CCC.DataWar.TH02 | Data Exfiltration via Unauthorized Views | Attackers may create or exploit unauthorized views to access sensitive data without proper permissions, leading to data leakage. | 1 | 1 | 0 |
| CCC.DataWar.TH03 | Exposure of Sensitive Data through Inadequate Column-Level Security | Lack of proper column-level security can lead to unauthorized users accessing sensitive data fields, resulting in data breaches. | 1 | 1 | 0 |
| CCC.Core.TH01 | Access is Granted to Unauthorized Users | Logic designed to give different permissions to different entities may be misconfigured or manipulated, allowing unauthorized entities to access restricted parts of the service, its data, or its child resources. This could result in a loss of data confidentiality or tolerance of unauthorized actions which impact the integrity and availability of resources and data. | 1 | 1 | 7 |
| CCC.Core.TH02 | Data is Intercepted in Transit | Data transmitted by the service is susceptible to collection by any entity with access to any part of the transmission path. Packet observations can be used to support the planning of attacks by profiling origin points, destinations, and usage patterns. The data may also be vulnerable to interception or modification in transit if not properly encrypted, impacting the confidentiality or integrity of the transmitted data. | 1 | 1 | 1 |
| CCC.Core.TH03 | Deployment Region Network is Untrusted | Systems are susceptible to unauthorized access or interception by actors with social or physical control over the network in which they are deployed. If the geopolitical status of the deployment network is untrusted, unstable, or insecure, this could result in a loss of confidentiality, integrity, or availability of the service and its data. | 1 | 1 | 1 |
| CCC.Core.TH04 | Data is Replicated to Untrusted or External Locations | Systems are susceptible to unauthorized access or interception by actors with political or physical control over the network in which they are deployed. Confidentiality may be impacted if the data is replicated to a network where the geopolitical status is untrusted, unstable, or insecure. | 1 | 1 | 2 |
| CCC.Core.TH05 | Interference with Replication Processes | Misconfigured or manipulated replication processes may lead to data being copied to unintended locations, delayed, modified, or not being copied at all. This could lead to compromised data confidentiality and integrity, potentially also affecting recovery processes and data availability. | 1 | 1 | 0 |
| CCC.Core.TH06 | Data is Lost or Corrupted | Services that rely on accurate data are susceptible to disruption in the event of data loss or corruption. Any actions that lead to the unintended deletion, alteration, or limited access to data can impact the availability of the service and the system it is part of. | 1 | 1 | 0 |
| CCC.Core.TH07 | Logs are Tampered With or Deleted | Tampering or deletion of service logs will reduce the system's ability to maintain an accurate record of events. Any actions that compromise the integrity of logs could disrupt system availability by disrupting monitoring, hindering forensic investigations, and reducing the accuracy of audit trails. | 1 | 1 | 1 |
| CCC.Core.TH08 | Runtime Metrics are Manipulated | Manipulation of runtime metrics can lead to inaccurate representations of system performance and resource utilization. This compromised data integrity may also impact system availability through misinformed scaling decisions, budget exhaustion, financial losses, and hindered incident detection. | 1 | 1 | 0 |
| CCC.Core.TH09 | Runtime Logs are Read by Unauthorized Entities | Unauthorized access to logs may expose valuable information about the system's configuration, operations, and security mechanisms. This could jeopardize system availability through the exposure of vulnerabilities and support the planning of attacks on the service, system, or network. If logs are not adequately sanitized, this may also directly impact the confidentiality of sensitive data. | 1 | 1 | 1 |
| CCC.Core.TH10 | State-change Events are Read by Unauthorized Entities | Unauthorized access to state-change events can reveal information about the system's design and usage patterns. This opens the system up to attacks of opportunity and support the planning of attacks on the service, system, or network. | 1 | 1 | 0 |
| CCC.Core.TH11 | Publications are Incorrectly Triggered | Incorrectly triggered publications may disseminate inaccurate or misleading information, creating a data integrity risk. Such misinformation can cause unintended operations to be initiated, conceal legitimate issues, and disrupt the availability or reliability of systems and their data. | 1 | 1 | 0 |
| CCC.Core.TH12 | Resource Constraints are Exhausted | Exceeding the resource constraints through excessive consumption, resource-intensive operations, or lowering of rate-limit thresholds can impact the availability of elements such as memory, CPU, or storage. This may disrupt availability of the service or child resources by denying the associated functionality to users. If the impacted system is not designed to expect such a failure, the effect could also cascade to other services and resources. | 1 | 1 | 0 |
| CCC.Core.TH13 | Resource Tags are Manipulated | When resource tags are altered, it can lead to misclassification or mismanagement of resources. This can reduce the efficacy of organizational policies, billing rules, or network access rules. Such changes could cause compromised confidentiality, integrity, or availability of the system and its data. | 1 | 1 | 0 |
| CCC.Core.TH14 | Older Resource Versions are Used | Running older versions of child resources can expose the system to known vulnerabilities that have been addressed in more recent versions. If the version identifier is detected by an attacker, it may be possible to exploit these vulnerabilities to compromise the confidentiality, integrity, or availability of the system and its data. | 1 | 1 | 0 |
| CCC.Core.TH15 | Automated Enumeration and Reconnaissance by Non-human Entities | Automated processes may be used to gather details about service and child resource elements such as APIs, file systems, or directories. This information can reveal vulnerabilities, misconfigurations, and the network topology, which can be used to plan an attack against the system, the service, or its child resources. | 1 | 1 | 1 |
Controls
| ID | Title | Objective | Control Family | Threat Mappings | Guideline Mappings | Assessment Requirements |
|---|---|---|---|---|---|---|
| CCC.DataWar.C01 | Enforce Use of Managed Views for Data Access | Ensure that data access is provided through managed views, restricting users from accessing underlying tables directly and enforcing consistent security policies. | Data | 1 | 3 | 1 |
| CCC.DataWar.C02 | Enforce Column-Level Security Policies | Ensure that access to sensitive data columns is restricted based on user roles, preventing unauthorized access to sensitive information. | Data | 1 | 3 | 1 |
| CCC.DataWar.C03 | Enforce Row-Level Security Policies | Ensure that access to data rows is restricted based on user roles or attributes, preventing unauthorized access to specific subsets of data. | Data | 1 | 3 | 1 |
| CCC.Core.C01 | Encrypt Data for Transmission | Ensure that all communications are encrypted in transit to protect data integrity and confidentiality. | Data | 1 | 8 | 5 |
| CCC.Core.C02 | Encrypt Data for Storage | Ensure that all data stored is encrypted at rest using strong encryption algorithms. | Data | 1 | 7 | 1 |
| CCC.Core.C06 | Restrict Deployments to Trust Perimeter | Ensure that the service and its child resources are only deployed on infrastructure in locations that are explicitly included within a defined trust perimeter. | Data | 1 | 4 | 2 |
| CCC.Core.C09 | Ensure Integrity of Access Logs | Ensure that access logs are always recorded to an external location that cannot be manipulated from the context of the service(s) it contains logs for. | Data | 3 | 5 | 3 |
| CCC.Core.C10 | Restrict Data Replication to Trust Perimeter | Ensure that data is only replicated on infrastructure in locations that are explicitly included within a defined trust perimeter. | Data | 1 | 4 | 1 |
| CCC.Core.C03 | Implement Multi-factor Authentication (MFA) for Access | Ensure that all sensitive activities require two or more identity factors during authentication to prevent unauthorized access. | Identity and Access Management | 1 | 6 | 4 |
| CCC.Core.C05 | Prevent Access from Untrusted Entities | Ensure that secure access controls enforce the principle of least privilege to restrict access to authorized entities from explicitly trusted sources only. | Identity and Access Management | 1 | 8 | 6 |
| CCC.Core.C04 | Log All Access and Changes | Ensure that all access attempts are logged to maintain a detailed audit trail for security and compliance purposes. | Logging & Monitoring | 1 | 5 | 3 |
| CCC.Core.C07 | Alert on Unusual Enumeration Activity | Ensure that logs and associated alerts are generated when unusual enumeration activity is detected that may indicate reconnaissance activities. | Logging & Monitoring | 1 | 4 | 2 |