||Oracle Tips by Burleson
Chapter 3 Introducti
to Oracle Auditing
to modify the structure of such objects, e.g.
changing the length of a column from 12 digits to 15.
Under HIPAA regulations, any alteration to the
structure of the data containers, such as tables and views, should
be strictly audited. Therefore, you have to audit these changes and
preserve them for future reference. Typically, these audit trails
are examined to identify causes of errors or data corruption. For
instance, a decrease in length of a number field may not raise an
error, indeed, the number may be stored after truncating the first
or last few digits. This corruption is not detectable immediately
but it may surface later, and an audit trail can come in handy
during times of troubleshooting.
The easiest way to achieve this is through the
use of some type of version control system software like RCS or SCCS.
If the organization has a policy of placing everything in the
version control system, the changes made are automatically recorded.
But what happens when someone makes an emergency change without
using the proper procedure? The setup fails. This is a classic case
of a system where the integrity can be guaranteed only when everyone
follows the rules and no one bypasses them. However, in real life
this cannot be guaranteed, and the dependability of the version
control system becomes questionable.
To establish a foolproof system to audit these
DDL Changes, the best option is to use triggers on these objects to
capture changes. An example of such a DDL trigger is given below.
The above text is
an excerpt from:
Oracle Privacy Security Auditing
Final Word on Oracle Security
This is the only authoritative
book on Oracle Security, Oracle Privacy, and Oracle Auditing written
by two of the world’s leading Oracle Security experts.
This indispensable book is only
and has an
immediate download of working security scripts: