Visible to the public In-database Auditing Subsystem for Security Enhancement

TitleIn-database Auditing Subsystem for Security Enhancement
Publication TypeConference Paper
Year of Publication2021
AuthorsBašić, B., Udovičić, P., Orel, O.
Conference Name2021 44th International Convention on Information, Communication and Electronic Technology (MIPRO)
Date Publishedsep
KeywordsAccess Control, audit trail analysis, codes, composability, database forensics, Database Security, Databases, Generators, Human Behavior, in-database auditing, Intrusion detection, Metrics, pubcrawl, relational database security, relational databases, resilience, Resiliency, SQL trigger, Tools
AbstractMany information systems have been around for several decades, and most of them have their underlying databases. The data accumulated in those databases over the years could be a very valuable asset, which must be protected. The first role of database auditing is to ensure and confirm that security measures are set correctly. However, tracing user behavior and collecting a rich audit trail enables us to use that trail in a more proactive ways. As an example, audit trail could be analyzed ad hoc and used to prevent intrusion, or analyzed afterwards, to detect user behavior patterns, forecast workloads, etc. In this paper, we present a simple, secure, configurable, role-separated, and effective in-database auditing subsystem, which can be used as a base for access control, intrusion detection, fraud detection and other security-related analyses and procedures. It consists of a management relations, code and data object generators and several administrative tools. This auditing subsystem, implemented in several information systems, is capable of keeping the entire audit trail (data history) of a database, as well as all the executed SQL statements, which enables different security applications, from ad hoc intrusion prevention to complex a posteriori security analyses.
DOI10.23919/MIPRO52101.2021.9596906
Citation Keybasic_-database_2021