{<PERSON, FirstName>, <PERSON, LastName>, <LICENSE, LicNum>}
In order to audit the privacy set, you need to ensure that the value for <LICENSE, LicNum> comes from the record with a PersonID matching the ID in the record from which <PERSON, FirstName> and <PERSON, LastName> are derived. Once you classify where your private information resides, you can turn to creating audit trails. This will ensure that you're not collecting too much information to process.
Creating SELECT audit trails is usually more difficult than for other audit categories. Obviously, snapshots are not an option here and neither are triggers, so you're left with using database traces or an external auditing system. There is also the option of building views with custom logging, but that tends to be too much work and requires too many changes. Even when using internal database features, your options are a bit more limited. For example, even if you have support for SELECT traces (e.g., using the DOP event in SQL Server as shown below), it is often not practical because you would be collecting too much information and would need to apply filters.
Event ID | Event Class | Description
28       | DOP Event   | Occurs before a SELECT, INSERT, or UPDATE statement is executed.
Therefore, when you need to do SELECT auditing, your best choice is
often to use an external database auditing system. Note that not all
approaches (see Section 13.3) support SELECT auditing; as an example, a
solution that is based on the transaction log (the redo log) will not help
with a SELECT audit trail.
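The filtering problem described above, as an added example that is not from the original text: a Python filter that keeps only those captured SELECT statements that return the whole privacy set with LICENSE joined to PERSON on the person key. The trace records are constructed, and the PERSON key column name ID, the record layout and the function names are assumptions.

```python
import re

# Privacy set from the text: {<PERSON, FirstName>, <PERSON, LastName>, <LICENSE, LicNum>}
PRIVACY_SET = {("PERSON", "FIRSTNAME"), ("PERSON", "LASTNAME"), ("LICENSE", "LICNUM")}
# Assumption: LICENSE.PersonID references a PERSON key column named ID.
JOIN_KEY = {("LICENSE", "PERSONID"), ("PERSON", "ID")}

KEYWORDS = r"(?:ON|WHERE|JOIN|INNER|LEFT|RIGHT|FULL|CROSS|ORDER|GROUP)\b"
TABLE_REF = re.compile(r"(?:^|\bJOIN\b|,)\s*(\w+)(?:\s+(?:AS\s+)?(?!" + KEYWORDS + r")(\w+))?", re.I)
QUALIFIED = re.compile(r"\b(\w+)\.(\w+)\b")
EQUALITY = re.compile(r"\b(\w+)\.(\w+)\s*=\s*(\w+)\.(\w+)\b")

def discloses_privacy_set(sql):
    """True if a SELECT projects the whole privacy set and joins on the person key.

    Simplified matcher, not a SQL parser: columns must be qualified by table
    name or alias, and subqueries and SELECT * are not resolved.
    """
    parts = re.split(r"\bFROM\b", sql, maxsplit=1, flags=re.I)
    if len(parts) < 2 or not re.match(r"\s*SELECT\b", parts[0], re.I):
        return False
    select_list, rest = parts
    aliases = {}  # alias or bare table name -> table name
    for table, alias in TABLE_REF.findall(rest):
        aliases[table.upper()] = table.upper()
        if alias:
            aliases[alias.upper()] = table.upper()

    def resolve(qualifier, column):
        return (aliases.get(qualifier.upper()), column.upper())

    projected = {resolve(q, c) for q, c in QUALIFIED.findall(select_list)}
    joined = any({resolve(a, b), resolve(c, d)} == JOIN_KEY
                 for a, b, c, d in EQUALITY.findall(rest))
    return PRIVACY_SET <= projected and joined

def privacy_audit_trail(trace):
    """Keep only the trace records whose statement discloses the privacy set."""
    return [rec for rec in trace if discloses_privacy_set(rec["sql"])]

# Constructed sample trace records (not real captured data).
SAMPLE_TRACE = [
    {"login": "app_user", "sql": "SELECT p.FirstName, p.LastName FROM PERSON p WHERE p.ID = 7"},
    {"login": "report", "sql": "SELECT p.FirstName, p.LastName, l.LicNum FROM PERSON p "
                               "JOIN LICENSE l ON l.PersonID = p.ID WHERE p.LastName = 'Smith'"},
    {"login": "batch", "sql": "SELECT l.LicNum FROM LICENSE l"},
    {"login": "legacy", "sql": "SELECT PERSON.FirstName, PERSON.LastName, LICENSE.LicNum "
                               "FROM PERSON, LICENSE WHERE LICENSE.PersonID = PERSON.ID"},
]
```

Calling privacy_audit_trail(SAMPLE_TRACE) keeps the "report" and "legacy" records and drops the two statements that touch only part of the privacy set.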
12.11 Audit any changes made to the definition of what to audit
Audit changes made to the definition of the audit trail and any modification that may be made to the audit trail itself. If you have cameras looking at a building, you will want to monitor any maintenance made to the cameras and any changes made to the cameras in terms of where they are pointing. Otherwise, an intruder could first point the cameras at the wall (or attach a static picture to the camera as we've all seen in many movies) and then proceed to walk right through the door. In the same way, if you do not audit changes made to the audit trail, an attacker can either change the definitions of what is being audited or can come after the fact and change the
 