Upload
darren-mcgee
View
231
Download
0
Tags:
Embed Size (px)
Citation preview
Adapted from Afyouni, Database Security and Auditing
Database Application Auditing – Ch. 8
Adapted from Afyouni, Database Security and Auditing
DML Action Auditing Architecture
• Data Manipulation Language (DML): companies use auditing architecture for DML changes
• DML changes can be performed on two levels:– Row level– Column level
• Fine-grained auditing (FGA)
Adapted from Afyouni, Database Security and Auditing
DML Action Auditing (cont.)
Adapted from Afyouni, Database Security and Auditing
DML Action Auditing (cont.)
Adapted from Afyouni, Database Security and Auditing
Oracle Triggers
• Stored PL/SQL procedure executed whenever:– DML operation occurs – Specific database event occurs
• DML events (trigger timings): INSERT, UPDATE, and DELETE
• Purposes:– Audits, controlling invalid data– Implementing business rules, generating
values
Adapted from Afyouni, Database Security and Auditing
Oracle Triggers (continued)
Adapted from Afyouni, Database Security and Auditing
Oracle Triggers (continued)
• CREATE TRIGGER• Executed in a specific order:
– BEFORE triggers before AFTER triggers• USER_TRIGGERS data dictionary view: all
triggers created on a table• A table can have unlimited triggers: do
not overuse them
Adapted from Afyouni, Database Security and Auditing
SQL Server Triggers
• Restrictions—Transact-SQL statements not allowed in Triggers:– ALTER and CREATE DATABASE– DISK INIT and DISK RESIZE– DROP DATABASE and LOAD DATABASE– LOAD LOG– RECONFIGURE– RESTORE DATABASE– RESTORE LOG
Adapted from Afyouni, Database Security and Auditing
Historical Model with SQL Server
• Create a history table:– Same structure as original table– HISTORY_ID column
• Create a trigger: inserts original row into the HISTORY table
Adapted from Afyouni, Database Security and Auditing
Oracle Fine-grained Auditing (FGA)
• Oracle provides column-level auditing: Oracle PL/SQL-supplied package DBMS_FGA
• DBMS_FGA procedures:– ADD_POLICY– DISABLE_POLICY– DROP_POLICY– ENABLE_POLICY
Adapted from Afyouni, Database Security and Auditing
Oracle Fine-grained Auditing (FGA)
• ADD_POLICY parameters:– OBJECT_SCHEMA– OBJECT_NAME– POLICY_NAME– AUDIT_CONDITION– AUDIT_COLUMN– HANDLER_SCHEMA (user name that owns the
procedure that is used as the event handler. NULL indicates current schema).
Adapted from Afyouni, Database Security and Auditing
Oracle Fine-grained Auditing (FGA)
• ADD_POLICY parameters (continued):– HANDLER_MODULE– ENABLE– STATEMENT_TYPES
• DBA_FGA_AUDIT_TRAIL: view the audit trail of the DML activities
Adapted from Afyouni, Database Security and Auditing
Oracle Fine-grained Auditing (FGA)
• Record data changes on the table:– Name of the person making the change– Date of the change– Time of the change
• Before or after value of the columns are not recorded
Adapted from Afyouni, Database Security and Auditing
Oracle Fine-grained Auditing (FGA)
Adapted from Afyouni, Database Security and Auditing
Oracle Fine-grained Auditing (FGA)
• Steps:– Use any user other than SYSTEM or
SYS; with privileges to create tables, sequences, and triggers
– Create the auditing table– Create a sequence object– Create the trigger that will record DML
operations– Test your implementation
Adapted from Afyouni, Database Security and Auditing
History Auditing Model w/ Oracle
• Historical data auditing is simple to implement; main components are TRIGGER objects and TABLE objects
• Keeps record of:– Date and time the copy of the record was
captured– Type of operation applied to the record
Adapted from Afyouni, Database Security and Auditing
History Auditing Model w/ Oracle
• Steps:– Use any user other than SYSTEM or SYS;
with privileges to create tables, sequences, and triggers
– Create history table– Create the trigger to track changes and
record all the values of the columns– Test your implementation
Adapted from Afyouni, Database Security and Auditing
History Auditing Model w/ Oracle
• Simple Auditing Model 1• Flag users, tables, or columns for auditing• Requires less database administrative skills:
– Application administrators can do it– User interface is built in top of the
repository• Auditing flags are flexible• Does not record before or after column
values; only registers type of DML operations
• Cronological record of all activities.
Adapted from Afyouni, Database Security and Auditing
DML Auditing Using Repository with Oracle (Simple 1)
• Steps:– Use any user other than SYSTEM or SYS– Create triggers– Create sequence object– Build tables to use for applications– Populate application tables– Populate auditing repository with
metadata– Create the stored package to be used
with the trigger– Create triggers for application tables– Test your implementation
Adapted from Afyouni, Database Security and Auditing
DML Auditing Using Repository with Oracle (Simple 2)
• Simple Auditing Model 2: requires a higher level of expertise in PL/SQL
• Stores two types of data:– Audit data: value before or after a DML
statement– Audit table: name of the tables to be
audited
Records only column value changes.
Adapted from Afyouni, Database Security and Auditing
DML Auditing Using Repository with Oracle (Simple 2)
• Steps:– Use any user other than SYSTEM or SYS;
with privileges to create tables, and triggers
– Create the auditing repository– Establish a foreign key in AUDIT_DATA
table referencing AUDIT_TABLE table– Create a sequence object– Create the application schema
Adapted from Afyouni, Database Security and Auditing
DML Auditing Using Repository with Oracle (Simple 2)
• Steps (continued):– Add data to tables– A stored PL/SQL package will be used for
auditing within the triggers– Create triggers for audited tables– Add auditing metadata– Test your implementation
Adapted from Afyouni, Database Security and Auditing
Auditing Application Errors with Oracle
• Application errors must be recorded for further analysis
• Business requirements mandate to keep an audit trail of all application errors
• Materials:– Repository consisting of one table– Methodology for your application
Adapted from Afyouni, Database Security and Auditing
Auditing Application Errors with Oracle (continued)
• Steps:– Select any user other than SYSTEM or
SYS; with privileges to create tables, and procedures
– Populate tables– Create the ERROR table– Create a stored package to perform the
UPDATE statement– Test your implementation: perform and
update using the CREATE package
Adapted from Afyouni, Database Security and Auditing
Oracle PL/SQL Procedure Authorization
• Oracle PL/SQL stored procedures are the mainstay of implementing business rules
• Security modes: – Invoker rights: procedure is executed
using security credentials of the caller– Definer rights: procedure is executed
using security credentials of the owner
Adapted from Afyouni, Database Security and Auditing
Oracle PL/SQL Procedure Authorization
• Steps:– Create a new user– Select a user with CREATE TABLE and
PROCEDURE privileges– Populate tables– Create stored procedure to select rows in
a table– Grant EXECUTE privileges on new
procedure– Log on as the new user and query the
table– Execute procedure
Adapted from Afyouni, Database Security and Auditing
Summary
• Primary purposes: validate authorization and authentication
• Two approaches for DML auditing:– Set up an audit trail for DML activities– Register all column values before or after
the DML statement (column-level auditing)
• Fine-grained auditing (Oracle)• Triggers:
– Stored PL/SQL procedure automatically executed
• USER_TRIGGERS data dictionary view: shows all triggers
• FGA allows generation of audit trail of DML activities
Adapted from Afyouni, Database Security and Auditing
Summary
• Server Security • Database Connections • Table Access Control • Restricting Database Access
Adapted from Afyouni, Database Security and Auditing
Summary (continued)
• FGA is capable of auditing columns or tables; Oracle PL/SQL-supplied package DBMS_FGA
• PL/SQL stored procedures security modes:– Invoker rights– Definer rights
• SQL Server 2000:– CREATE TRIGGER DDL statement– Conditional functions: UPDATE() and
COLUMNS_UPDATED()
Adapted from Afyouni, Database Security and Auditing
Summary
• Evaluate your purpose for auditing • Audit only pertinent actions • Archive audit records and purge audit trail
• Automated Solutions– Triggers– FGA (Oracle)