数据库安全审计L04DBAuditing精品PPT课件
合集下载
相关主题
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
4-6
Copyright © 2005, Oracle. All rights reserved.
Specifying Audit Options
• SQL statement auditing:
AUDIT table;
• System-privilege auditing (nonfocused and focused):
Description Default audit options Statement auditing options Privilege auditing options Schema object auditing options
4-11
Copyright © 2005, Oracle. All rights reserved.
0 0829 22:40
FRED LOGON
0
• Check DBA_AUDIT_TRAIL.COMMENT_TEXT.
4-9
Copyright © 2005, Oracle. All rights reserved.
Viewing Auditing Options
Data Dictionary View ALL_DEF_AUDIT_OPTS DBA_STMT_AUDIT_OPTS DBA_PRIV_AUDIT_OPTS DBA_OBJ_AUDIT_OPTS
database • OS: Enables auditing with records stored in the OS
audit trail Can audit: • Login events • Exercise of system privileges • Exercise of object privileges • Use of SQL statements
auditing
object access
Value-based auditing
Data changed by DML statements
Administrator defined
Fine-grained auditing (FGA)
SQL statements (INSERT, Fixed set of data,
AUDIT select any table, create any trigger; AUDIT select any table BY hr BY SESSION;
• Object-privilege auditing (nonfocused and focused):
AUDIT ALL on hr.employees; AUDIT UPDATE,DELETE on hr.employees BY ACCESS;
Standard Database Auditing
DBA
Enable database auditing.
UPDATE, DELETE, and
including the
SELECT) based on
SQL statement
content
4-5
Copyright © 2005, Oracle. All rights reserved.
Standard Database Auditing
Is enabled through the AUDIT_TRAIL parameter • NONE: D来自百度文库sables collection of audit records • DB: Enables auditing with records stored in the
4-3
Copyright © 2005, Oracle. All rights reserved.
Audit Tool Comparisons
Type of Audit
What Is Audited?
What Is in the Audit Trail?
Standard database Privilege use including Fixed set of data
4-7
Copyright © 2005, Oracle. All rights reserved.
Auditing Sessions
• Audit unsuccessful attempts to connect:
AUDIT CREATE SESSION BY ACCESS WHENEVER NOT SUCCESSFUL;
4-2
Copyright © 2005, Oracle. All rights reserved.
Monitoring for Suspicious Activity
Monitoring or auditing should be an integral part of your security procedures. The built-in audit tools in Oracle Database 10g include: • Database auditing • Value-based auditing • Fine-grained auditing (FGA)
Database Auditing
Copyright © 2005, Oracle. All rights reserved.
Objectives
After completing this lesson, you should be able to do the following: • Implement basic database auditing • Implement auditing of the privileged user • Implement DML and DDL auditing
• Monitor DBA_AUDIT_SESSION:
USERNA ACTION_NAME
RETURNCODE LOGOFF
------ -------------------- ----------
FRED LOGON
1017
FRED LOGOFF
0 0829 22:39
FRED LOGOFF BY CLEANUP