Extreme Blue © 2004 IBM Corporation Eunomia HDB Compliance Auditing System Architecture

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Eunomia system overview Two components:  Component 1: the logging tool will record the extra information necessary to determine “who accessed which data?”  Component 2: the audit tool will retrieve this information from the logs to answer questions about data access.

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Eunomia system overview Enterprise Application Eunomia Interface DB2 Log Retrieval API Audit Tool Requests for Personal Information Chief Privacy Officer

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Piece 1: The Logging Tool

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Overview of logging from 50,000 feet Enterprise Application Eunomia Interface DB2 Enterprise Application DB2 Before:After: JDBC DB2 Driver API

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Overview of logging from 50,000 feet We want to:  minimize overhead of storing extra logging information  defer as much computation expense as possible

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Overview of logging from 50,000 feet Solution:  query logs – record all queries for data  transaction log – record all changes to data in the database in shadow tables  at audit time, calculate from the shadow tables which information was accessed by which queries

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Overview of query logging Enterprise Application Query Handler DataQuery Logs Query JDBC Interface Write Log

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Overview of backlogging Personal Information Tables Shadow Tables Triggers on Update, Insert, and Delete  Shadow tables maintain a temporal log of all information stored in the actual data tables.  Suppose you want to know what the database looked like at a certain point in time.  First select the set of records that have an earlier timestamp than your desired date  From that set, then select the set of records that have the latest timestamp.

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture PACT configuration wizard  an automated tool for configuring a database to support logging  a database administrator can specify a database connection which the wizard will analyze  the wizard will generate and execute the SQL necessary to augment the existing database tables

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Eunomia configuration wizard prompt admin for database settings analyze database tables create shadow tables populate shadow tables with current table information create query log table

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Overview of logging from 1000 feet PACT Driver Eunomia Configuration Tool LogsData TablesShadow Tables Audit Tools Applications DBA CPO Triggers

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Overview of logging from 100 feet JDBC Interface LogsDataShadow Tables Eunomia Interface Applications JSP/GUI Interface Log Setup Pact Configuration Wizard BacklogSQLGenerator JDBC Interface Triggers query record query and query results setup query logs read schema setup backlogs Doctor DBA

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Piece 2: The Audit Tool

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Overview of auditing from 50,000 feet LogsShadow Tables Log Retrieval API Audit Tool

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Overview of auditing from 50,000 feet  Auditing tools only care about questions like “What information was accessed by doctor X on date Y, in response to query Z.” The auditing tools would love to have the log data in the following format:  Unfortunately, processing all of the query log and backlog data to put it in this format is computationally expensive. Instead, it is necessary to process the data on the fly using a SQL query rewrite engine.  This layer of complexity is hidden within the “Log Retrieval API,” which will translate the data from the log format, to the format the audit tools want to use it in. Note – table is just a quick illustration of how the auditing tools would like to get at the data. Don’t nit-pick it.

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Overview of auditing from 1000 feet SQL Rewrite Engine JDBC and SQL Request ProcessorResult Processor Log Retrieval Layer Log Retrieval API Tools For Viewing Logs Tools for Comparing Logs Against Privacy Policies Audit Application LogsShadow Tables

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Queries and Query Sets  An auditor may want to retrieve a set of queries, and then process and analyze the queries in a number of ways  We will create “Query” objects and Query Sets, which will represent the query information retrieved from the database.  This will eliminate repeat computation when someone wants to process a set of queries in multiple ways.

Extreme Blue © 2004 IBM Corporation Eunomia Compliance Auditing | System Architecture Queries and Query Sets Database Log Retrieval API Audit Tool JDBC: SQL and ResultSet Objects Query and QuerySet Objects