Lecture Database security and auditing - Protecting data integrity and accessibility - Chapter 9: Auditing database activities presentation of content: Audit server activities with Microsoft SQL Server 2000, audit database activities using Microsoft SQL Profiler, use SQL Server for security auditing. Mời các bạn tham khảo.
Trang 1Database Security and Auditing: Protecting Data Integrity and Accessibility
Chapter 9 Auditing Database Activities
Trang 2• Use Oracle database activities
• Learn how to create DLL triggers with Oracle
• Audit database activities using Oracle
Trang 4Using Oracle Database Activities
• Several types of activities:
against application tables
maintenance and administrative purposes
specific activity occurs
Trang 5Creating DDL Triggers with Oracle
• Audit program provides:
• Database activities statements (in addition to DML):
Trang 6Creating DDL Triggers with Oracle
(continued)
Trang 7Example of LOGON and LOGOFF
Database Events
• Steps:
minutes
Trang 9Auditing Code with Oracle
• Steps:
table
Trang 10Auditing Database Activities with
Oracle
• Oracle provides mechanisms for auditing all:
• Two types of activities based on the type of SQL command statement used:
Trang 11Auditing DDL Activities
• Use a SQL-based AUDIT command
• Verify auditing is on:
Trang 12Auditing DDL Activities (continued)
Trang 13DDL Activities Example 1
• Steps:
create a table
For ALTER and DELETE
Trang 14DDL Activities Example 1 (continued)
• Steps (continued):
DBA_AUDIT_TRAIL table
to see auditing metadata
Trang 15DDL Activities Example 1 (continued)
Trang 16DDL Activities Example 1 (continued)
Trang 17DDL Activities Example 2
• Steps:
the TABLE statement; ALTER, CREATE, and
DROP TABLE statements
Trang 19DCL Activities Example (continued)
Trang 20Example of Auditing User Activities
• Steps:
statement
DBA_AUDIT_TRAIL
Trang 21Audit Trail File Destination
• Steps:
set parameter AUDIT_TRAIL to the value OS
Trang 22Oracle Alert Log
• Audits database activities:
in the Alert log
done using a Windows or UNIX script
Trang 23Oracle Alert Log (continued)
Trang 24Oracle Alert Log (continued)
• Database activities (continued):
database is started
checkpoint time
sequences, as well as archiving times
Trang 25Oracle Alert Log (continued)
Trang 26Auditing Server Activity with Microsoft
Trang 27Implementing SQL Profiler
• User interface for auditing events
• For each event you can audit:
Trang 28Implementing SQL Profiler (continued)
Trang 29Security Auditing with SQL Server
• Steps for setting security auditing level:
level
Trang 30Security Auditing with SQL Server
(continued)
Trang 31Security Auditing with SQL Server
(continued)
• Auditable events:
Trang 32Security Auditing with SQL Server
Trang 33Security Auditing with SQL Server
(continued)
• Auditable events (continued):
Trang 34Security Auditing with SQL Server
(continued)
Trang 35Security Auditing with SQL Server
(continued)
• New trace information:
to a database table
indefinitely
Trang 36Security Auditing with SQL Server
(continued)
Trang 37Security Auditing with SQL Server
(continued)
Trang 38Security Auditing with SQL Server
(continued)
• Steps to add Login Change Password event
event classes
Trang 39Security Auditing with SQL Server
(continued)
Trang 40Data Definition Auditing
Trang 41Data Definition Auditing (continued)
Trang 42Database Auditing with SQL Server
Trang 43Database Errors Auditing with SQL
Server
Trang 45Summary (continued)
• Oracle provides the SQL AUDIT command: initialization parameter AUDIT_TRAIL
• NOAUDIT used to stop auditing
• DBA_AUDIT_TRAIL data dictionary view
• Oracle Alert Log: