Databases Reference
In-Depth Information
In a C2-certified system, users are accountable for their activities and
any process they initiate. In order for this to be possible, any C2-certified
system must be able to audit any user activity, including any attempt to
read, write, and execute a resource managed by the system.
The next requirement of a C2-level system is that an owner of an object
can grant permissions for access to the object for other users or groups. This
is what the term
discretionary
implies. The default access for any object is no
access other than the owner. If an administrator takes control over an
object, the owner must know about this.
There are many other requirements for a system to be given a C2 certifi-
cation, but many of them are not dealt with within the database security
model but rather within the operating system's security model (e.g., protec-
tion for memory spaces, files, preemption of processing).
If you are running SQL Server, most chances are that you care more
about C2 auditing than you do about C2 certification (unless you work for
a government agency). C2 auditing tracks C2 audit events and records
them to a file in the \mssql\data directory for default instances of SQL
Server 2000, or the \mssql$instancename\data directory for named
instances of SQL Server 2000. If the file reaches a size limit of 200 mega-
bytes, C2 auditing will start a new file, close the old file, and write all new
audit records to the new file.
To enable C2 auditing, you must be a member of the sysadmin role and
you need to use the sp_configure system stored procedure to set
show
advanced options
to 1. Then set
c2 audit mode
to 1 and restart the server.
In a C2 certification, auditing is a must. Therefore, C2 auditing is imple-
mented in a way that if auditing cannot occur, the entire database shuts
down. For example, if the audit directory fills up, the instance of SQL
Server will be stopped! You must be aware of this and take appropriate mea-
sures to avoid outage. Moreover, when you restart the instance of SQL
Server, auditing is set to start up automatically, so you must remember to
free up disk space for the audit log before you can restart the instance of
SQL Server (or start the instance with the -f flag to bypass all auditing alto-
gether). To stop C2 audit tracing, set
c2 audit mode
to 0. Finally, remem-
ber the following (extracted from SQL Server documentation):
Important:
If all audit counters are turned on for all objects, there could be
a significant performance impact on the server.
Search WWH ::
Custom Search