intTypePromotion=1
zunia.vn Tuyển sinh 2024 dành cho Gen-Z zunia.vn zunia.vn
ADSENSE
 » 
 » 

Lecture Database security and auditing - Protecting data integrity and accessibility - Chapter 9: Application Data Auditing

Chia sẻ: Hấp Hấp | Ngày: | Loại File: PPTX | Số trang:46

Thêm vào BST
Báo xấu
84
lượt xem 3
download
 
  Download Vui lòng tải xuống để xem tài liệu đầy đủ

Lecture "Database security and auditing - Protecting data integrity and accessibility - Chapter 9: Auditing database activities" presentation of content: Audit server activities with Microsoft SQL Server 2000, audit database activities using Microsoft SQL Profiler, use SQL Server for security auditing. Mời các bạn tham khảo.

Chủ đề:

Bình luận(0) Đăng nhập để gửi bình luận!

Lưu

Nội dung Text: Lecture Database security and auditing - Protecting data integrity and accessibility - Chapter 9: Application Data Auditing

  1. Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 9 Auditing Database Activities
  2. Objectives • Use Oracle database activities • Learn how to create DLL triggers with Oracle • Audit database activities using Oracle Database Security and Auditing 2
  3. Objectives (continued) • Audit server activities with Microsoft SQL Server 2000 • Audit database activities using Microsoft SQL Profiler • Use SQL Server for security auditing Database Security and Auditing 3
  4. Using Oracle Database Activities • Several types of activities: – Application activities: SQL statements issued against application tables – Administration activities: commands issued for maintenance and administrative purposes – Database events: events that occur when a specific activity occurs Database Security and Auditing 4
  5. Creating DDL Triggers with Oracle • Audit program provides: – Audit trail for all activities – Opportunity for using process controls • Database activities statements (in addition to DML): – Data Definition Language (DDL) – Data Control Language – Database events – SQL statements audit trail Database Security and Auditing 5
  6. Creating DDL Triggers with Oracle (continued) • Use CREATE TRIGGER: – DDL statements – Database events Database Security and Auditing 6
  7. Example of LOGON and LOGOFF Database Events • Steps: – Log on as SYSTEM – Create the APP_AUDIT_LOGINS table – Create two triggers: • One that fires after the logon event • One that fires before the logoff event – Log on as DBSEC; disconnect after a few minutes – Log on as SYSTEM to check the auditing table Database Security and Auditing 7
  8. DDL Event Example • Steps: – Log on as SYSTEM – Create a trigger that fires before an ALTER statement is completed – Log on as DBSEC and alter a table • Pseudocolumns: – ora_dict_obj_name – ora_dict_obj_owner – ora_sysevent Database Security and Auditing 8
  9. Auditing Code with Oracle • Steps: – Log on as DBSEC – Create an auditing table – Create a table and populate it with two records – Create a trigger to track code – Update the new table – Look at the contents of the APP_AUDIT_SQLS table Database Security and Auditing 9
  10. Auditing Database Activities with Oracle • Oracle provides mechanisms for auditing all: – Who creates or modifies the structure – Who is granting privileges to whom • Two types of activities based on the type of SQL command statement used: – Defined by DDL (Data Definition Language) – Defined by DCL (Data Control Language) Database Security and Auditing 10
  11. Auditing DDL Activities • Use a SQL-based AUDIT command • Verify auditing is on: – Check the AUDIT_TRAIL parameter – Values: • DB • DB_EXTENDED • OS • NONE Database Security and Auditing 11
  12. Auditing DDL Activities (continued) Database Security and Auditing 12
  13. DDL Activities Example 1 • Steps: – Use any user other than SYS or SYSTEM to create a table – Add three rows into the table – Log on as SYSTEM or SYS to enable auditing: For ALTER and DELETE – Log in as DBSEC: • Delete a row • Modify the structure of the table Database Security and Auditing 13
  14. DDL Activities Example 1 (continued) • Steps (continued): – Check the audit records – Log in as SYSTEM and view the DBA_AUDIT_TRAIL table – Turn off the auditing option – Check the content of the DBA_AUDIT_OBJECT to see auditing metadata Database Security and Auditing 14
  15. DDL Activities Example 1 (continued) Database Security and Auditing 15
  16. DDL Activities Example 1 (continued) Database Security and Auditing 16
  17. DDL Activities Example 2 • Steps: – Log in as SYSTEM or SYS to enable auditing for the TABLE statement; ALTER, CREATE, and DROP TABLE statements – Log on as DBSEC and create a table, then drop the table – Log on as SYSTEM; view the content of DBA_AUDIT_TRAIL – Turn off auditing for the TABLE statement Database Security and Auditing 17
  18. DCL Activities Example • Steps: – Log on as SYSTEM or SYS and issue an AUDIT statement – Log on as DBSEC and grant SELECT and UPDATE to SYSTEM – Log on as SYSTEM and display the contents of DBA_AUDIT_TRAIL – Review audit data dictionary Database Security and Auditing 18
  19. DCL Activities Example (continued) Database Security and Auditing 19
  20. Example of Auditing User Activities • Steps: – Log on as SYSTEM or SYS, to issue an audit statement – Log on as DBSEC and create a temporary table – Go back to SYSTEM to view the contents of DBA_AUDIT_TRAIL Database Security and Auditing 20
ADSENSE

CÓ THỂ BẠN MUỐN DOWNLOAD


ERROR:connection to 10.20.1.101:9315 failed (errno=111, msg=Connection refused)
ERROR:connection to 10.20.1.101:9315 failed (errno=111, msg=Connection refused)
THÔNG TIN
TRỢ GIÚP
HỖ TRỢ KHÁCH HÀNG
Theo dõi chúng tôi

Chịu trách nhiệm nội dung:

Nguyễn Công Hà - Giám đốc Công ty TNHH TÀI LIỆU TRỰC TUYẾN VI NA

LIÊN HỆ

Địa chỉ: P402, 54A Nơ Trang Long, Phường 14, Q.Bình Thạnh, TP.HCM

Hotline: 093 303 0098

Email: support@tailieu.vn

Giấy phép Mạng Xã Hội số: 670/GP-BTTTT cấp ngày 30/11/2015 Copyright ©2025 TaiLieu.VN. All rights reserved.

 

Đồng bộ tài khoản
33=>0