Audit Trail
Hello everyone. In this issue, I start a new topic: Audit Trail.
Lately, we have been facing a serious security crisis. Every day, newspapers report
security leaks at major companies, and the issue has become a big concern
for all of us.
Security auditing has been a major topic these days. As auditing in general covers
a very wide area, I start with an overview of the Oracle audit function.
Audit overview
Oracle has a variety of security functions, and one of them is called audit.
Audit is a mechanism for preventing security breaches.
The audit function audits every single operation performed by a user logged in to
a database. If the user attempts unauthorized access or an unauthorized operation, the audit
function detects it immediately.
The standard audit function is enabled by issuing an AUDIT statement; it audits user operations and keeps a log.
There are three ways of auditing, as follows:
1. Audit (SQL statement)
A specific SQL statement is chosen for auditing. For example, AUDIT table makes the
CREATE TABLE and DROP TABLE statements audit targets.
2. Audit (Privilege)
A specific privilege is chosen for auditing. For example, with AUDIT create any trigger, a user
creating a database trigger by using the CREATE ANY TRIGGER privilege becomes an audit target.
3. Audit (Schema object)
A specific schema object is chosen for auditing. For example, with AUDIT select ON orders,
issuing a SELECT statement against the ORDERS table becomes an audit target.
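The three kinds of AUDIT statement listed above, followed by the data dictionary queries that confirm what is enabled and read back the resulting log. This is an added example, not part of the original article; it assumes a DBA session, an audit trail written to the database (audit_trail = DB), and a hypothetical schema named APP that owns the ORDERS table.

```sql
-- Added example. Assumptions: run as a DBA, audit_trail = DB,
-- and ORDERS belongs to a hypothetical schema APP.

-- 0. Confirm where audit records go. If this returns NONE, the AUDIT
--    statements below are accepted but no records are written.
SELECT value FROM v$parameter WHERE name = 'audit_trail';

-- 1. Audit (SQL statement): the TABLE option covers CREATE TABLE and DROP TABLE.
AUDIT TABLE;

-- 2. Audit (Privilege): record use of the CREATE ANY TRIGGER privilege.
AUDIT CREATE ANY TRIGGER;

-- 3. Audit (Schema object): one record per SELECT against the table.
--    BY ACCESS is chosen here instead of one record per session.
AUDIT SELECT ON app.orders BY ACCESS;

-- Statement and privilege options apply only to sessions started after the
-- AUDIT statement; object options apply to existing sessions immediately.

-- Each kind of option is listed in its own dictionary view.
SELECT user_name, audit_option, success, failure FROM dba_stmt_audit_opts;
SELECT user_name, privilege, success, failure FROM dba_priv_audit_opts;
SELECT owner, object_name, sel
  FROM dba_obj_audit_opts
 WHERE owner = 'APP' AND object_name = 'ORDERS';

-- Read the log: operations that failed (RETURNCODE is the Oracle error
-- number, 0 means success), for example a SELECT without the privilege.
SELECT username, userhost, timestamp, action_name, owner, obj_name, returncode
  FROM dba_audit_trail
 WHERE returncode <> 0
 ORDER BY timestamp;

-- Read the log: who queried ORDERS and how often.
SELECT username, COUNT(*) AS select_count
  FROM dba_audit_trail
 WHERE owner = 'APP' AND obj_name = 'ORDERS' AND action_name = 'SELECT'
 GROUP BY username
 ORDER BY select_count DESC;
```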
We can specify Oracle audit options by choosing which operations, SQL statements, objects, or
users are to be audited. If we specify many audit options, will it affect system performance?
In this topic, I examine the audit function to determine the essence of audit and how the audit
function affects performance.
I set three objectives:
1. To determine the accuracy of audit and its relation to performance
If accuracy rises, will it affect performance?
2. To determine the usage of data captured by auditing
3. To determine the relationship between audit and security
Is a single Oracle user always assumed in current AP server configurations?
Analysis of audit function
I create a scenario for analyzing the audit function. I prepare levels 1 to 4.
Level 1 analyzes audit (SQL statement) comprehensively. Level 2 analyzes audit
(schema object) in detail.
Levels 3 and 4 analyze fine-grained auditing, which is newly introduced in Oracle9i,
to examine application-dependent auditing in detail.
Scenario
Company A is building a product ordering system. Its information system department
has been concerned about information leakage and about unauthorized access causing leakage of
customer information.
The information system department decides to use the Oracle audit function for internal
auditing. However, no one knows where to start. Besides, they worry about performance
degradation caused by the auditing process. Thus, they define auditing levels to grasp
the auditing items and the degree of performance degradation.
Level 1
Collect an audit log of users logging in to a specific application and detect unauthorized
access to the database.
Level 2
Collect an audit log of operations (such as SELECT, UPDATE, INSERT, and DELETE) made to
specific tables with different levels of importance and detect unauthorized data operations.
Level 3
Customer information is stored in a specific table (such as the Customer table).
Confidential customer information such as address and phone number
is specified as the audit target. Every time someone attempts to access the confidential
information, an audit log is collected.
Level 4
All accesses to a table (such as the Confidential table) that contains strictly confidential
information are specified as audit targets. All logs are collected, and if unauthorized
access is detected, it is immediately reported to the person in charge by mail.
Next week, I will actually start my analysis based on the scenario above.
That's it for today.
Koji Shinkubo