1 Database Auditing
نویسنده
چکیده
Government regulations and increased awareness of security issues have increased the auditing requirements of information technology systems. In this paper, we will discuss three government regulations and how they have impacted information technology systems. We classify database auditing systems by considering features of the basic components of an auditing system as proposed by Bishop: the logger, analyzer, and notifier. In addition, we will consider possible policy models that could be implemented. Finally we will survey three commercial database and third party auditing products according to the classification features, and discuss how they address the government regulations and general security needs.
منابع مشابه
Critical Assessment of Auditing Contributions to Effective and Efficient Security in Database Systems
Database auditing has become a very crucial aspect of security as organisations increase their adoption of database management systems (DBMS) as major asset that keeps, maintain and monitor sensitive information. Database auditing is the group of activities involved in observing a set of stored data in order to be aware of the actions of users. The work presented here outlines the main auditing...
متن کاملDatabase Auditing Design on Historical Data
Database Auditing is one of the major issues in information security. Lack of data auditing leads the business applications to the lost trail of business processes. To cope with auditing, historical data or temporal database is needed in order to track operations and actors of the operation with the time. Valid and transaction times are two major timestamps in temporal database. In this paper, ...
متن کاملSecurity and Auditing Protection Method for Statistical Database
According to the statistical data security and auditing requirement, an effective Security Protection Method and a Rules-based Statistical Data Auditing (RSDA) solution are given. In this article, we introduce the classification and expression of statistical auditing rule.
متن کاملGet Your Workload in Order: Game Theoretic Prioritization of Database Auditing
The quantity of personal data that is collected, stored, and subsequently processed continues to grow at a rapid pace. Given its potential sensitivity, ensuring privacy protections has become a necessary component of database management. To enhance protection, a number of mechanisms have been developed, such as audit logging and alert triggers, which notify administrators about suspicious activ...
متن کاملWhodunit: An Auditing Tool for Detecting Data Breaches
Commercial database systems provide support to maintain an audit trail that can be analyzed offline to identify potential threats to data security. We present a tool that performs data auditing that asks for an audit trail of all users and queries that referenced sensitive data, for example “find all queries and corresponding users that referenced John Doe’s salary in the last six months”. Our ...
متن کامل