Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 9 Auditing Database Activities.

Slides:



Advertisements
Similar presentations
Stored procedures and views You can see definitions for stored procedures and views in the demo databases but you can’t change them. For views, expand.
Advertisements

4 Copyright © 2005, Oracle. All rights reserved. Managing the Oracle Instance.
Module 12: Auditing SQL Server Environments
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 8 Application Data Auditing.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 8 Application Data Auditing.
Week 6: Chapter 6 Agenda Automation of SQL Server tasks using: SQL Server Agent Scheduling Scripting Technologies.
1 Auditing the DBA: What non-technical managers and auditors should know. Presented By Cam Larner Cam Larner President President Absolute Technologies,
GOLD SILVER BRONZE. © CGI Group Inc Oracle Auditing COUG Presentation – June 19, 2014 Ray Smith June 2014.
Oracle9i Database Administrator: Implementation and Administration 1 Chapter 2 Overview of Database Administrator (DBA) Tools.
Oracle 10g Database Administrator: Implementation and Administration
Oracle9i Database Administrator: Implementation and Administration 1 Chapter 12 System and Object Privileges.
Lesson 17: Configuring Security Policies
Chapter 9 Auditing Database Activities
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
System Administration Accounts privileges, users and roles
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Chapter 7 Database Auditing Models
Advanced Databases Basic Database Administration Guide to Oracle 10g 1.
Chapter 10 Overview  Implement Microsoft Windows Authentication Mode and Mixed Mode  Assign login accounts to database user accounts and roles  Assign.
Database Security Managing Users and Security Models.
DB Audit Expert v1.1 for Oracle Copyright © SoftTree Technologies, Inc. This presentation is for DB Audit Expert for Oracle version 1.1 which.
Adapted from Afyouni, Database Security and Auditing DB Auditing Examples (Ch. 9) Dr. Mario Guimaraes.
Adapted from Afyouni, Database Security and Auditing Database Application Auditing – Ch. 8.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
Overview What is SQL Server? Creating databases Administration Security Backup.
1 Chapter Overview Monitoring Server Performance Monitoring Shared Resources Microsoft Windows 2000 Auditing.
Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring, Managing, and Troubleshooting Resource Access.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
Chapter Oracle Server An Oracle Server consists of an Oracle database (stored data, control and log files.) The Server will support SQL to define.
CHAPTER 6 Users and Basic Security. Progression of Steps for Creating a Database Environment 1. Install Oracle database binaries (Chapter 1) 2. Create.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 6 Virtual Private Databases.
CSIS 4310 – Advanced Databases Virtual Private Databases.
Week 6 Lecture 2 System and Object Privileges. Learning Objectives  Identify and manage system and object privileges  Grant and revoke privileges to.
Eurotrace Hands-On The Eurotrace File System. 2 The Eurotrace file system Under MS ACCESS EUROTRACE generates several different files when you create.
4 Copyright © 2006, Oracle. All rights reserved. Recovering from Noncritical Losses.
Introduction to SEQUEL. What is SEQUEL? Acronym for Structural English Query Language Acronym for Structural English Query Language Standard language.
MICROSOFT SQL SERVER 2005 SECURITY  Special Purpose Logins and Users  SQL Server 2005 Authentication Modes  Permissions  Roles  Managing Server Logins.
Triggers A Quick Reference and Summary BIT 275. Triggers SQL code permits you to access only one table for an INSERT, UPDATE, or DELETE statement. The.
Module 10 Assigning Server and Database Roles. Module Overview Working with Server Roles Working with Fixed Database Roles Creating User-defined Database.
1 Chapter Overview Performing Configuration Tasks Setting Up Additional Features Performing Maintenance Tasks.
IT Database Administration SECTION 01. Starting Up and Shutting Down the Database Database Administration Facilities – A number of tools are available.
Roles & privileges privilege A user privilege is a right to execute a particular type of SQL statement, or a right to access another user's object. The.
Creating DDL and Database Event Triggers. 2 home back first prev next last What Will I Learn? Describe events that cause DDL and database event triggers.
2. SQL Security Objectives –Learn SQL Server 2000 components Contents –Understanding the Authentication Process –Understanding the Authorization Process.
Permissions Lesson 13. Skills Matrix Security Modes Maintaining data integrity involves creating users, controlling their access and limiting their ability.
14 Copyright © 2005, Oracle. All rights reserved. Backup and Recovery Concepts.
Chapter 13Introduction to Oracle9i: SQL1 Chapter 13 User Creation and Management.
© 2007 by Prentice Hall2-1 Introduction to Oracle 10g Chapter 2 Overview of SQL and SQL*Plus James Perry and Gerald Post.
Oracle 11g: SQL Chapter 7 User Creation and Management.
Chapter 6 Virtual Private Databases
18 Copyright © 2004, Oracle. All rights reserved. Recovery Concepts.
14 Copyright © 2005, Oracle. All rights reserved. Backup and Recovery Concepts.
Dr. Chen, Oracle Database System (Oracle) 1 Chapter 7 User Creation and Management Jason C. H. Chen, Ph.D. Professor of MIS School of Business Gonzaga.
SQL SERVER AUDITING. Jean Joseph DBA/Consultant Contact Info: Blog:
SQL Triggers, Functions & Stored Procedures Programming Operations.
MY SQL INTRODUCTION TO LOGIN BASIC COMMANDS OTHER COMMANDS.
9 Copyright © 2004, Oracle. All rights reserved. Incomplete Recovery.
Configuring the User and Computer Environment Using Group Policy Lesson 8.
WELCOME! SQL Server Security. Scott Gleason This is my 9 th Jacksonville SQL Saturday Over ten years DBA experience Director of Database Operations
19 Copyright © 2008, Oracle. All rights reserved. Security.
SQL Database Management
Introduction To Database Systems
Database Security OER- UNIT 5 AUDIT PART 1 - INTRODUCTION
Auditing in SQL Server 2008 DBA-364-M
Oracle9i Developer: PL/SQL Programming Chapter 8 Database Triggers.
Managing Privileges.
Prof. Arfaoui. COM390 Chapter 9
Presentation transcript:

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 9 Auditing Database Activities

Database Security and Auditing2 Objectives Use Oracle database activities Learn how to create DLL triggers with Oracle Audit database activities using Oracle

Database Security and Auditing3 Objectives (continued) Audit server activities with Microsoft SQL Server 2000 Audit database activities using Microsoft SQL Profiler Use SQL Server for security auditing

Database Security and Auditing4 Using Oracle Database Activities Several types of activities: –Application activities: SQL statements issued against application tables –Administration activities: commands issued for maintenance and administrative purposes –Database events: events that occur when a specific activity occurs

Database Security and Auditing5 Creating DDL Triggers with Oracle Audit program provides: –Audit trail for all activities –Opportunity for using process controls Database activities statements (in addition to DML): –Data Definition Language (DDL) –Data Control Language –Database events –SQL statements audit trail

Database Security and Auditing6 Creating DDL Triggers with Oracle (continued) Use CREATE TRIGGER: –DDL statements –Database events

Database Security and Auditing7 Example of LOGON and LOGOFF Database Events Steps: –Log on as SYSTEM –Create the APP_AUDIT_LOGINS table –Create two triggers: One that fires after the logon event One that fires before the logoff event –Log on as DBSEC; disconnect after a few minutes –Log on as SYSTEM to check the auditing table

Database Security and Auditing8 DDL Event Example Steps: –Log on as SYSTEM –Create a trigger that fires before an ALTER statement is completed –Log on as DBSEC and alter a table Pseudocolumns: –ora_dict_obj_name –ora_dict_obj_owner –ora_sysevent

Database Security and Auditing9 Auditing Code with Oracle Steps: –Log on as DBSEC –Create an auditing table –Create a table and populate it with two records –Create a trigger to track code –Update the new table –Look at the contents of the APP_AUDIT_SQLS table

Database Security and Auditing10 Auditing Database Activities with Oracle Oracle provides mechanisms for auditing all: –Who creates or modifies the structure –Who is granting privileges to whom Two types of activities based on the type of SQL command statement used: –Defined by DDL (Data Definition Language) –Defined by DCL (Data Control Language)

Database Security and Auditing11 Auditing DDL Activities Use a SQL-based AUDIT command Verify auditing is on: –Check the AUDIT_TRAIL parameter –Values: DB DB_EXTENDED OS NONE

Database Security and Auditing12 Auditing DDL Activities (continued)

Database Security and Auditing13 DDL Activities Example 1 Steps: –Use any user other than SYS or SYSTEM to create a table –Add three rows into the table –Log on as SYSTEM or SYS to enable auditing: For ALTER and DELETE –Log in as DBSEC: Delete a row Modify the structure of the table

Database Security and Auditing14 DDL Activities Example 1 (continued) Steps (continued): –Check the audit records –Log in as SYSTEM and view the DBA_AUDIT_TRAIL table –Turn off the auditing option –Check the content of the DBA_AUDIT_OBJECT to see auditing metadata

Database Security and Auditing15 DDL Activities Example 1 (continued)

Database Security and Auditing16 DDL Activities Example 1 (continued)

Database Security and Auditing17 DDL Activities Example 2 Steps: –Log in as SYSTEM or SYS to enable auditing for the TABLE statement; ALTER, CREATE, and DROP TABLE statements –Log on as DBSEC and create a table, then drop the table –Log on as SYSTEM; view the content of DBA_AUDIT_TRAIL –Turn off auditing for the TABLE statement

Database Security and Auditing18 DCL Activities Example Steps: –Log on as SYSTEM or SYS and issue an AUDIT statement –Log on as DBSEC and grant SELECT and UPDATE to SYSTEM –Log on as SYSTEM and display the contents of DBA_AUDIT_TRAIL –Review audit data dictionary

Database Security and Auditing19 DCL Activities Example (continued)

Database Security and Auditing20 Example of Auditing User Activities Steps: –Log on as SYSTEM or SYS, to issue an audit statement –Log on as DBSEC and create a temporary table –Go back to SYSTEM to view the contents of DBA_AUDIT_TRAIL

Database Security and Auditing21 Audit Trail File Destination Steps: –Modify the initialization parameter file, INIT.ORA; set parameter AUDIT_TRAIL to the value OS –Create a folder/directory –Set AUDIT_FILE_DEST to the new directory –Shut down and restart the database –Connect as DBSEC

Database Security and Auditing22 Oracle Alert Log Audits database activities: –Errors: Errors related to physical structure are recorded in the Alert log Monitor errors every five to ten minutes; can be done using a Windows or UNIX script Syntactical errors are not recorded –Startup and shutdown Date and time of each occurrence

Database Security and Auditing23 Oracle Alert Log (continued)

Database Security and Auditing24 Oracle Alert Log (continued) Database activities (continued): –Modified initialization parameters, each time a database is started –Checkpoints: configure Oracle to record checkpoint time –Archiving: view the timing for all redo log sequences, as well as archiving times –Physical database changes

Database Security and Auditing25 Oracle Alert Log (continued)

Database Security and Auditing26 Auditing Server Activity with Microsoft SQL Server 2000 Way to track and log activity for each SQL Server occurrence Must be a member of the sysadmin fixed server role Two types of auditing for server events: –Auditing –C2 auditing Auditing affects performance and can be costly

Database Security and Auditing27 Implementing SQL Profiler User interface for auditing events For each event you can audit: –Date and time of the event –User who caused the event to occur –Type of event –Success or failure of the event –Origin of the request –Name of the object accessed –Text SQL statement

Database Security and Auditing28 Implementing SQL Profiler (continued)

Database Security and Auditing29 Security Auditing with SQL Server Steps for setting security auditing level: –Open Enterprise Manager –Expand the appropriate SQL Server group –Right-click on the desired server –Click Properties –On the security tab, select the desired security level

Database Security and Auditing30 Security Auditing with SQL Server (continued)

Database Security and Auditing31 Security Auditing with SQL Server (continued) Auditable events: –ADD DB USER –ADD LOGIN TO SERVER ROLE –ADD MEMBER TO DB ROLE –ADD ROLE –APP ROLE CHANGE PASSWORD –BACKUP/RESTORE –CHANGE AUDIT

Database Security and Auditing32 Security Auditing with SQL Server (continued) Auditable events (continued): –DBCC –LOGIN –LOGOUT –LOGIN CHANGE PASSWORD –LOGIN CHANGE PROPERTY –LOGIN FAILED –Login GDR (GRANT, DENY, REVOKE)

Database Security and Auditing33 Security Auditing with SQL Server (continued) Auditable events (continued): –Object Derived Permissions –Object GDR –Object Permissions –Server Start and Stop –Statement GDR –Statement Permission

Database Security and Auditing34 Security Auditing with SQL Server (continued)

Database Security and Auditing35 Security Auditing with SQL Server (continued) New trace information: –A name for the trace –The server you want to audit –The base template to start with –Where to save the audit data, either to a file or to a database table –A stop time, if you don’t want the trace to run indefinitely

Database Security and Auditing36 Security Auditing with SQL Server (continued)

Database Security and Auditing37 Security Auditing with SQL Server (continued)

Database Security and Auditing38 Security Auditing with SQL Server (continued) Steps to add Login Change Password event –Expand the Security Audit node under Available event classes –Click Audit Login Change Password Event –Click the Add button

Database Security and Auditing39 Security Auditing with SQL Server (continued)

Database Security and Auditing40 Data Definition Auditing Audit DDL statements: –Object:Created –Object:Deleted –Will audit all CREATE and DROP statements

Database Security and Auditing41 Data Definition Auditing (continued)

Database Security and Auditing42 Database Auditing with SQL Server

Database Security and Auditing43 Database Errors Auditing with SQL Server

Database Security and Auditing44 Summary Activities types: –Application activities –Administration activities –Database events Oracle triggers provide a way to create an audit trail Auditable Oracle database activities: logon, logoff, startup and shutdown

Database Security and Auditing45 Summary (continued) Oracle provides the SQL AUDIT command: initialization parameter AUDIT_TRAIL NOAUDIT used to stop auditing DBA_AUDIT_TRAIL data dictionary view Oracle Alert Log: –Database errors –Modified initialization parameters –Checkpoints

Database Security and Auditing46 Summary (continued) Microsoft SQL Server 2000: way to track and log SQL Server activity Must be a member of sysadmin fixed role to enable or modify auditing SQL Profiler: –Visualization tool –Audit errors that occur within the database

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.