||Oracle Tips by Burleson
Chapter 11 Oracle Fine Grained Auditing
amounts more than $500. If the user selects any
claim below that amount, it is not worth keeping an auditing record.
FGA can easily handle this. The parameter
audit_condition that was not used in the earlier example can be used
to trigger auditing selectively. To satisfy the requirement, we
could specify the parameter
in the dbms_fga.add_policy procedure. By default, all access queries are audited, regardless
of the data returned. The above parameter will restrict the auditing
information. Even if the query does not specify the clause, if any
of the rows returned contain a claim amount of more than 500, the
auditing is triggered.
The parameter can also be provided in multiple
Here the auditing will be triggered if either
of the conditions CLAIM_AMOUNT>500 or PAID_AMOUNT>500 is satisfied
in the retrieved data.
HIPAA requirements could determine the change in strategy.
Typically, the law might ask that access only to certain columns be
audited, for example to sensitive columns containing Personal Health
Information. In your case, the columns are perhaps Social Security
Number (SSN), procedures conducted on
The above text is
an excerpt from:
Oracle Privacy Security Auditing
Final Word on Oracle Security
This is the only authoritative
book on Oracle Security, Oracle Privacy, and Oracle Auditing written
by two of the world’s leading Oracle Security experts.
This indispensable book is only
and has an
immediate download of working security scripts: