Lecture notes for Database Security - Chapter 7: Database auditing models cover the following: gain an overview of auditing fundamentals, understand the database auditing environment, create a flowchart of the auditing process, and list the basic objectives of an audit. Please refer to the slides for details.
Database Security and Auditing: Protecting Data Integrity and Accessibility
Chapter 7: Database Auditing Models

Objectives
• Gain an overview of auditing fundamentals
• Understand the database auditing environment
• Create a flowchart of the auditing process
• List the basic objectives of an audit

Objectives (continued)
• Define the differences between auditing classifications and types
• List the benefits and side effects of an audit
• Create your own auditing models

Auditing Overview
• Audit examines: documentation that reflects (from a business or from individuals) actions, practices, conduct
• Audit measures: compliance with policies, procedures, processes and laws

Definitions
• Audit/auditing: process of examining and validating documents, data, processes, procedures, systems
• Audit log: document that contains all activities that are being audited, ordered chronologically
• Audit objectives: set of business rules, system controls, government regulations, or security policies

Definitions (continued)
• Auditor: person authorized to audit
• Audit procedure: set of instructions for the auditing process
• Audit report: document that contains the audit findings
• Audit trail: chronological record of document changes, data changes, system activities, or operational events

Definitions (continued)
• Data audit: chronological record of data changes stored in a log file or a database table object
• Database auditing: chronological record of database activities
• Internal auditing: examination of activities conducted by staff members of the audited organization
• External auditing

Auditing Activities
• Evaluate the effectiveness and adequacy of the audited entity
• Ascertain and review the reliability and integrity of the audited entity
• Ensure the organization complies with policies, procedures, regulations, laws, and standards of the government and the industry
• Establish plans, policies, and procedures for conducting audits

Auditing Activities (continued)
• Keep abreast of all changes to the audited entity
• Keep abreast of updates and new audit regulations
• Provide all audit details to all company employees involved in the audit
• Publish audit guidelines and procedures
• Act as liaison between the company and the external audit team

Auditing Activities (continued)
• Act as a consultant to architects, developers, and business analysts
• Organize and conduct internal audits
• Ensure all contractual items are met by the organization being audited
• Identify the audit types that will be used

Auditing Environment (partially extracted)
• Components:
  – Objectives: an audit without a set of objectives is useless
  – Procedures: step-by-step instructions and tasks
  – People: auditor, employees, managers
  – Audited entities: people, documents, ...

Auditing Process (partially extracted)
• ... is working and complies with the policies, regulations and laws

Auditing Process (continued)
• Performance monitoring: observes if there is degradation in performance

Simple Auditing Model
• Easy to understand and develop
• Registers audited entities in the audit model repository
• Chronologically tracks the activities performed
• Entities: user, table, or column
• Activities: DML transactions, or logon and logoff times

Simple Auditing Model (continued)
(diagram slide; no text extracted)

Simple Auditing Model (continued)
• Control columns:
  – Placeholders for data inserted automatically when a record is created or updated (date and time the record was created and updated)
  – Can be distinguished with a CTL prefix

Simple Auditing Model (continued)
(diagram slide; no text extracted)

Simple Auditing Model
• Only stores the column value changes
• Has a purging and archiving mechanism, which reduces the amount of data stored
• Does not register the action that was performed on the data
• Ideal for auditing a column or two of a table

Simple Auditing Model (continued)
(diagram slide; no text extracted)

Advanced Auditing Model
• Called "advanced" because of its flexibility
• Repository is more complex
• Registers all entities: fine-grained auditing level
• Can handle users, actions, tables, columns

Advanced Auditing Model (continued)
(diagram slide; no text extracted)

Advanced Auditing Model (continued)
(diagram slide; no text extracted)

Historical Data Model
• Used when a record of the whole row is required
• Typically used in most financial applications

Historical Data Model (continued)
(diagram slide; no text extracted)

Auditing Applications Actions Model
(diagram slide; no text extracted)

C2 Security
• Given to Microsoft SQL Server 2000
• Utilizes DACLs (discretionary access control lists) for security and audit activities
• Requirements:
  – Server must be configured as a C2 system
  – Windows Integrated Authentication is supported
  – SQL native security is not supported
  – Only transactional replication is supported

Summary
• Audit examines, verifies and validates documents, procedures, processes
• Auditing environment consists of objectives, procedures, people, and audited entities
• Audit makes sure that the system is working and complies with the policies, standards, regulations, and laws
• Auditing objectives are established during the development phase

Summary (continued)
• Objectives: compliance, informing, planning, and executing
• Classifications: internal, external, automatic, manual, hybrid
• Models: Simple Auditing 1, Simple Auditing 2, Advanced Auditing, Historical Data, Auditing Applications, C2 Security
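As an added example (not from the slides), the column-level simple auditing model (CTL control columns, only old/new values of the audited column stored) and the historical data model (a copy of the whole row before every change) implemented side by side with SQLite triggers in Python. The employees table and every table, column and trigger name are assumptions made for illustration.

```python
import sqlite3
# Added example, not from the slides: SQLite triggers implementing the column-level
# simple auditing model and the historical data model. All names are assumptions.
SCHEMA = """
CREATE TABLE employees (
  emp_id INTEGER PRIMARY KEY, dept TEXT NOT NULL, salary INTEGER NOT NULL,
  ctl_ins_dttm TEXT DEFAULT CURRENT_TIMESTAMP,  -- control columns, CTL prefix
  ctl_upd_user TEXT, ctl_upd_dttm TEXT);
-- Simple model: only the old/new value of the audited column is stored.
CREATE TABLE audit_salary (audit_id INTEGER PRIMARY KEY, emp_id INTEGER,
  old_salary INTEGER, new_salary INTEGER, changed_by TEXT, changed_at TEXT);
-- Historical model: a full copy of the row as it was before each change.
CREATE TABLE employees_hist (hist_id INTEGER PRIMARY KEY, hist_op TEXT,
  hist_dttm TEXT, emp_id INTEGER, dept TEXT, salary INTEGER, ctl_upd_user TEXT);
CREATE TRIGGER trg_audit_salary AFTER UPDATE OF salary ON employees
WHEN OLD.salary IS NOT NEW.salary BEGIN
  INSERT INTO audit_salary (emp_id, old_salary, new_salary, changed_by, changed_at)
  VALUES (NEW.emp_id, OLD.salary, NEW.salary, NEW.ctl_upd_user, NEW.ctl_upd_dttm);
END;
CREATE TRIGGER trg_hist_upd BEFORE UPDATE ON employees BEGIN
  INSERT INTO employees_hist (hist_op, hist_dttm, emp_id, dept, salary, ctl_upd_user)
  VALUES ('UPDATE', datetime('now'), OLD.emp_id, OLD.dept, OLD.salary, OLD.ctl_upd_user);
END;
CREATE TRIGGER trg_hist_del BEFORE DELETE ON employees BEGIN
  INSERT INTO employees_hist (hist_op, hist_dttm, emp_id, dept, salary, ctl_upd_user)
  VALUES ('DELETE', datetime('now'), OLD.emp_id, OLD.dept, OLD.salary, OLD.ctl_upd_user);
END;
"""

def open_audited_db():
    con = sqlite3.connect(":memory:")
    con.executescript(SCHEMA)
    return con

def update_salary(con, user, emp_id, new_salary):
    """The application stamps the CTL columns; the triggers do the auditing."""
    con.execute("UPDATE employees SET salary=?, ctl_upd_user=?, "
                "ctl_upd_dttm=datetime('now') WHERE emp_id=?", (new_salary, user, emp_id))

def demo():
    con = open_audited_db()
    con.execute("INSERT INTO employees (emp_id, dept, salary) VALUES (1, 'IT', 5000)")
    update_salary(con, "alice", 1, 5000)  # unchanged value: no audit row, but a history row
    update_salary(con, "bob", 1, 7000)    # recorded by both models
    con.execute("UPDATE employees SET dept='HR' WHERE emp_id=1")  # only the history sees this
    con.execute("DELETE FROM employees WHERE emp_id=1")           # whole row survives in history
    audit = con.execute("SELECT old_salary, new_salary, changed_by FROM audit_salary").fetchall()
    hist = con.execute("SELECT hist_op, dept, salary FROM employees_hist ORDER BY hist_id").fetchall()
    return audit, hist
```

The column-level audit table never learns who changed the department or that the row was deleted, which is the trade-off the slides describe between the simple model and the historical data model.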