Presentation is loading. Please wait.

Presentation is loading. Please wait.

Adapted from Afyouni, Database Security and Auditing DB Auditing Examples (Ch. 9) Dr. Mario Guimaraes.

Published byAngelica Terry Modified over 8 years ago

Similar presentations

Presentation on theme: "Adapted from Afyouni, Database Security and Auditing DB Auditing Examples (Ch. 9) Dr. Mario Guimaraes."— Presentation transcript:

1 Adapted from Afyouni, Database Security and Auditing DB Auditing Examples (Ch. 9) Dr. Mario Guimaraes

2 Adapted from Afyouni, Database Security and Auditing 2 main types of auditing: Oracle-supplied auditing using AUDIT command. Results go to AUD$ Trigger-based DML auditing Either way, DBA must monitor auditing table. Auditing examples/scripts: http://www.securityfocus.com/infocus/1689 http://www.petefinnigan.com/papers/audit.sql

3 Adapted from Afyouni, Database Security and Auditing Example of Audit command Must have audit system privileges Only tracks in subsequent user sessions Creates records in table AUD$ owned by sys –You don’t query this table, you query Views such as DBA_AUDIT_TRAIL SQL> AUDIT Delete any table; SQL> NOAUDIT delete any table; SQL> AUDIT SELECT TABLE, UPDATE TABLE; SQL> AUDIT create session;

4 Adapted from Afyouni, Database Security and Auditing When to audit When should we audit Oracle users ? –Basic set of auditing measures all the time –Capture user access, use of system privileges, changes to the db schema (DDL) If company handles sensitive data (financial market, military, etc.) OR If there are suspicious activities concerning the DB or a user, specific actions should be done.

5 Adapted from Afyouni, Database Security and Auditing Creating DDL Triggers with Oracle Audit program provides: –Audit trail for all activities –Opportunity for using process controls Database activities statements (in addition to DML): –Data Definition Language (DDL) –Data Control Language –Database events –SQL statements audit trail

6 Adapted from Afyouni, Database Security and Auditing Example of LOGON and LOGOFF Database Events Steps: –Log on as SYSTEM –Create the APP_AUDIT_LOGINS table –Create two triggers: One that fires after the logon event One that fires before the logoff event –Log on as DBSEC; disconnect after a few minutes –Log on as SYSTEM to check the auditing table

7 Adapted from Afyouni, Database Security and Auditing Track logins

8 Adapted from Afyouni, Database Security and Auditing DDL Event Example Steps: –Log on as SYSTEM –Create a trigger that fires before an ALTER statement is completed –Log on as DBSEC and alter a table –Example of DDL Events: ALTER TABLE, ANALYZE, ASSOCIATE STATISTICS, AUDIT, CREATE TABLE, DROP, GRANT, NOAUDIT, REVOKE, TRUNCATE.

9 Adapted from Afyouni, Database Security and Auditing Track DDL Event

10 Adapted from Afyouni, Database Security and Auditing Auditing Code with Oracle Steps: –Log on as DBSEC –Create an auditing table –Create a table and populate it with two records –Create a trigger to track code –Update the new table –Look at the contents of the APP_AUDIT_SQLS table

11 Adapted from Afyouni, Database Security and Auditing Auditing Database Activities with Oracle Oracle provides mechanisms for auditing all: –Who creates or modifies the structure –Who is granting privileges to whom Two types of activities based on the type of SQL command statement used: –Defined by DDL (Data Definition Language) –Defined by DCL (Data Control Language)

12 Adapted from Afyouni, Database Security and Auditing Auditing DDL Activities Use a SQL-based AUDIT command Verify auditing is on: –Check the AUDIT_TRAIL parameter –Values: DB DB_EXTENDED OS NONE

13 Adapted from Afyouni, Database Security and Auditing Audit Statement

14 Adapted from Afyouni, Database Security and Auditing DDL Activities Example 1 Steps: –Use any user other than SYS or SYSTEM to create a table –Add three rows into the table –Log on as SYSTEM or SYS to enable auditing: For ALTER and DELETE –Log in as DBSEC: Delete a row Modify the structure of the table

15 Adapted from Afyouni, Database Security and Auditing DDL Activities Example 1 (continued) Steps (continued): –Check the audit records –Log in as SYSTEM and view the DBA_AUDIT_TRAIL table –Turn off the auditing option –Check the content of the DBA_AUDIT_OBJECT to see auditing metadata

16 Adapted from Afyouni, Database Security and Auditing DDL Activities Example 1

17 Adapted from Afyouni, Database Security and Auditing DDL Activities Example 1 (continued)

18 Adapted from Afyouni, Database Security and Auditing DDL Activities Example 2 Steps: –Log in as SYSTEM or SYS to enable auditing for the TABLE statement; ALTER, CREATE, and DROP TABLE statements –Log on as DBSEC and create a table, then drop the table –Log on as SYSTEM; view the content of DBA_AUDIT_TRAIL –Turn off auditing for the TABLE statement

19 Adapted from Afyouni, Database Security and Auditing DCL Activities Example Steps: –Log on as SYSTEM or SYS and issue an AUDIT statement –Log on as DBSEC and grant SELECT and UPDATE to SYSTEM –Log on as SYSTEM and display the contents of DBA_AUDIT_TRAIL –Review audit data dictionary

20 Adapted from Afyouni, Database Security and Auditing DCL Activities Example

21 Adapted from Afyouni, Database Security and Auditing Example of Auditing User Activities Steps: –Log on as SYSTEM or SYS, to issue an audit statement –Log on as DBSEC and create a temporary table –Go back to SYSTEM to view the contents of DBA_AUDIT_TRAIL

22 Adapted from Afyouni, Database Security and Auditing Audit Trail File Destination Set Audit trail to a an OS file: –Modify the initialization parameter file, INIT.ORA; set parameter AUDIT_TRAIL to the value OS –Create a folder/directory –Set AUDIT_FILE_DEST to the new directory –Shut down and restart the database –Connect as DBSEC

23 Adapted from Afyouni, Database Security and Auditing Oracle Alert Log Audits database activities: –Errors: Errors related to physical structure are recorded in the Alert log Monitor errors every five to ten minutes; can be done using a Windows or UNIX script Syntactical errors are not recorded –Startup and shutdown Date and time of each occurrence –Modified initialization parameters, each time a database is started –Checkpoints: configure Oracle to record checkpoint time –Archiving: view the timing for all redo log sequences, as well as archiving times –Physical database changes

Download ppt "Adapted from Afyouni, Database Security and Auditing DB Auditing Examples (Ch. 9) Dr. Mario Guimaraes."

Similar presentations

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 8 Application Data Auditing.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 8 Application Data Auditing.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 8 Application Data Auditing.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 8 Application Data Auditing.
Oracle audit and reporting in one hour or less. Prepared by: Leon Rzhemovskiy Database Architect UnikaSolution.com UGF9157.

Oracle audit and reporting in one hour or less. Prepared by: Leon Rzhemovskiy Database Architect UnikaSolution.com UGF9157.
1 Auditing the DBA: What non-technical managers and auditors should know. Presented By Cam Larner Cam Larner President President Absolute Technologies,

1 Auditing the DBA: What non-technical managers and auditors should know. Presented By Cam Larner Cam Larner President President Absolute Technologies,
Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,

Miss Scarlet with a lead pipe, in the library Players: 3 to 6 Contents: Clue game board, six suspect tokens, six murder weapons, 21 cards, secret envelope,
GOLD SILVER BRONZE. © CGI Group Inc. 2014 Oracle Auditing COUG Presentation – June 19, 2014 Ray Smith June 2014.

GOLD SILVER BRONZE. © CGI Group Inc Oracle Auditing COUG Presentation – June 19, 2014 Ray Smith June 2014.
Oracle 10g Database Administrator: Implementation and Administration

Oracle 10g Database Administrator: Implementation and Administration
Oracle9i Database Administrator: Implementation and Administration 1 Chapter 12 System and Object Privileges.

Oracle9i Database Administrator: Implementation and Administration 1 Chapter 12 System and Object Privileges.
Chapter 9 Auditing Database Activities

Chapter 9 Auditing Database Activities
System Administration Accounts privileges, users and roles

System Administration Accounts privileges, users and roles
Chapter 7 Database Auditing Models

Chapter 7 Database Auditing Models
Advanced Databases Basic Database Administration Guide to Oracle 10g 1.

Advanced Databases Basic Database Administration Guide to Oracle 10g 1.
10 Copyright © 2005, Oracle. All rights reserved. Implementing Oracle Database Security.

10 Copyright © 2005, Oracle. All rights reserved. Implementing Oracle Database Security.
Adapted from Afyouni, Database Security and Auditing Database Application Auditing – Ch. 8.

Adapted from Afyouni, Database Security and Auditing Database Application Auditing – Ch. 8.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.

Database Security and Auditing: Protecting Data Integrity and Accessibility Chapter 3 Administration of Users.
11 Copyright © 2004, Oracle. All rights reserved. Oracle Database Security.

11 Copyright © 2004, Oracle. All rights reserved. Oracle Database Security.
Chapter 101. 2 Oracle Server An Oracle Server consists of an Oracle database (stored data, control and log files.) The Server will support SQL to define.

Chapter Oracle Server An Oracle Server consists of an Oracle database (stored data, control and log files.) The Server will support SQL to define.
By Lecturer / Aisha Dawood 1.  Administering Users  Create and manage database user accounts.  Create and manage roles.  Grant and revoke privileges.

By Lecturer / Aisha Dawood 1.  Administering Users  Create and manage database user accounts.  Create and manage roles.  Grant and revoke privileges.
CHAPTER 6 Users and Basic Security. Progression of Steps for Creating a Database Environment 1. Install Oracle database binaries (Chapter 1) 2. Create.

CHAPTER 6 Users and Basic Security. Progression of Steps for Creating a Database Environment 1. Install Oracle database binaries (Chapter 1) 2. Create.

Similar presentations

Ads by Google