Databases Reference
In-Depth Information
fied through the auditing activities is superior to a standalone auditing sys-
tem. Database auditing is more effective if it is part of a database security
solution; together with the fact that you already saw that auditing is an inte-
gral part of database security, I get to reiterate that database auditing and
database security are most effective when they are delivered and imple-
mented in tandem.
13.12 Summary
In this chapter you explored the architectural attributes of a good auditing
implementation. You learned that auditing—like any other solution—must
possess some characteristics to make it effective. Together with Chapter 12,
this information covers all that you need in order to use auditing to address
security and compliance requirements that you may be facing within your
database environment.
This chapter concludes the second part of this topic that focuses on
auditing. This is also the last chapter in this topic, and together with Chap-
ters 1 to 10, it addresses topics you need to know in implementing effective
database security and auditing.
I would like to thank you for reading this topic. I hope that the chapters
in this topic helped you get a better understanding of database security. I
also hope that you learned methods and techniques that can help you in
your day-to-day work and that the topic managed to keep a balance
between techniques and patterns that can be used in all database environ-
ments while being specific and including enough real examples to make the
techniques concrete and immediately usable. Finally, I hope very much that
you have enjoyed reading this topic and that you will apply many of the
techniques described in this topic to make this a better and safer world.
13.A PGP and GPG
Pretty Good Privacy (PGP) was developed in 1990 using the Rivest-
Shamir-Adleman (RSA) public-key cryptosystem to answer the need for
private and secure communications between individuals over a digital
medium. PGP was released to the public in 1991 and quickly grew to
become the de facto standard worldwide for secure public-key encryption.
GNU Privacy Guard, or GnuPG (GPG), is the open-source equivalent of
PGP and was released under the GNU Public License (GPL).
PGP and
GPG are broadly used for a variety of tasks, including signing and encrypt-
ing documents submitted to business partners, encrypting local files, sign-
Search WWH ::
Custom Search