|
 |
|
Oracle Tips by Burleson |
Chapter 3 Introducti
on
to Oracle Auditing
Continuing our story of John and Jeff visiting
the museum, they find themselves in an interesting situation. The
day after their visit, a newsflash shakes the town. The Koh-I-Noor
diamond, worth several million dollars, was not found in its place,
it has been stolen!
All parties concerned with security spring into
action – the security department of the museum, the city police
detectives, and even the investigators of the insurance company that
insure the museum displays. The first thing they do is check the
people who may have entered the room that housed the diamond. But
there is a little problem - there is no record of the people who
entered the room that day. The only helpful information they can
collect is that access to this area of the museum is restricted to
museum employees.
Let's analyze the situation for a moment – the
museum could not even ascertain who did enter the room, let alone
who handled the diamond. The ability to check who actually handles
objects, not just who has the authority, is provided by auditing. A
good auditing system provides a process of recording the accesses to
the objects in a storage system, forming an audit trail.
The museum here has a
good security system, but not a good auditing system. A good
auditing system should meet three very important goals – recording
the access
The above text is
an excerpt from:
Oracle Privacy Security Auditing
The
Final Word on Oracle Security
This is the only authoritative
book on Oracle Security, Oracle Privacy, and Oracle Auditing written
by two of the world’s leading Oracle Security experts.
This indispensable book is only
$39.95
and has an
immediate download of working security scripts:
|