FEA020 - Database security hardening
| Feature ID | FEA020 |
| Subsystem the feature is part of | PrestaShop as a Service |
| Responsible person | Tugba Ilhan (0987) |
| Status | proposal |
Restrictions, requirements and use cases related to this feature
All relevant issues related to or contributing to the definition of the feature are gathered here
| [User Story 056] | As a Security Engineer, I want to secure the database, so I can protect the data, which is very important. |
| [User Story 057] | As a student, I want to learn how to harden a database, so that I can gain practical experience and improve my abilities in real-world scenarios. |
User interface mock-up
No changes to user interface
Testing / possible acceptance criteria
- Database is configured with strong authentication and access control policies (e.g., user roles, least privilege). (Test Case)
- Encryption at rest and in transit is enabled and verified for sensitive data. (Test Case)
- Default accounts and unused services are disabled or removed. (Test Case)
- Audit logging is enabled to track access and configuration changes. (Test Case)
- Student can follow documented steps to harden a test database and observe improved security posture. (Test Case)
- Database passes a basic vulnerability scan or compliance checklist (e.g., CIS benchmarks). (Test Case)
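
The first four criteria above can be turned into an automated test case. The sketch below is an added example, not part of the feature definition or the project's code: it assumes the PrestaShop database is MariaDB (the page does not name the engine), and the `audit` function and all sample rows are constructed for illustration.

```python
import re

# Constructed sample data (not from a real server), shaped like the output of:
#   SELECT User, Host, plugin, authentication_string FROM mysql.user;
ACCOUNTS = [
    {"user": "root", "host": "%", "plugin": "mysql_native_password", "auth": "*CONSTRUCTED"},
    {"user": "", "host": "localhost", "plugin": "mysql_native_password", "auth": ""},
    {"user": "root", "host": "localhost", "plugin": "unix_socket", "auth": ""},
    {"user": "shop", "host": "10.0.0.5", "plugin": "mysql_native_password", "auth": "*CONSTRUCTED"},
]
#   SHOW GRANTS FOR 'shop'@'10.0.0.5';   (application account only)
APP_GRANTS = {"'shop'@'10.0.0.5'": ["GRANT ALL PRIVILEGES ON *.* TO `shop`@`10.0.0.5`"]}
#   SHOW GLOBAL VARIABLES;   (subset; server_audit_logging absent = plugin not loaded)
VARIABLES = {"require_secure_transport": "OFF", "innodb_encrypt_tables": "ON"}

SOCKET_PLUGINS = {"unix_socket", "auth_socket"}       # OS-level auth, no password stored
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}
REQUIRED = {                                          # variable -> accepted values
    "require_secure_transport": {"ON"},               # encryption in transit
    "innodb_encrypt_tables": {"ON", "FORCE"},         # encryption at rest
    "server_audit_logging": {"ON"},                   # audit logging (MariaDB audit plugin)
}

def audit(accounts, app_grants, variables):
    """Return a sorted list of findings; an empty list means every check passed."""
    findings = []
    for a in accounts:
        name = f"'{a['user']}'@'{a['host']}'"
        if a["user"] == "":
            findings.append(f"accounts: anonymous account {name}")
        elif a["auth"] == "" and a["plugin"] not in SOCKET_PLUGINS:
            findings.append(f"accounts: empty password for {name}")
        if a["user"] == "root" and a["host"] not in LOCAL_HOSTS:
            findings.append(f"accounts: remote root login {name}")
    for name, statements in app_grants.items():
        for stmt in statements:
            m = re.match(r"GRANT\s+(.+?)\s+ON\s+\*\.\*\s+TO\b", stmt, re.I)
            if m and m.group(1).upper() != "USAGE":
                findings.append(f"privileges: {name} holds global {m.group(1)}")
    for var, accepted in REQUIRED.items():
        value = variables.get(var)            # None when the variable does not exist
        if value is None or value.upper() not in accepted:
            findings.append(f"config: {var} is {value!r}, expected one of {sorted(accepted)}")
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(ACCOUNTS, APP_GRANTS, VARIABLES):
        print("FAIL", finding)
```

Running the same check before and after the hardening steps gives the student a concrete measure of the improved posture; a missing variable is reported as a failure, so an audit plugin that was never installed cannot pass silently.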