Summary

Auditing is a complementary part of the security process. Prevention and access control will always be important in security. However, auditing should not be overlooked. Providing the detection and response capabilities can be equally, if not more, important. Auditing effectively is critical to ensuring that performance and the value received from the auditing are congruent.

Oracle standard and fine-grained auditing (FGA) provide a powerful and secure way to ensure user accountability. Standard auditing allows for auditing to occur in many different ways to meet many different requirements. FGA augments this and allows for a higher fidelity in auditing, which reduces the number of extraneous audit records. The event handler can be used to do many powerful things. The auditing acts as both the detection and response system for the database. Similar to motion detectors that are wired to notify the police, the event handlers in FGA can be used to alert administrators of serious incidents the instant that they occur. Instant notification is essential to guarding the data.

Database auditing provides high auditing assurance because the auditing process can’t be circumvented or bypassed. The auditing is consistent regardless of application, query, user, and protocols being used to access the data. When done correctly, the auditing can provide valuable information about the users and their interactions with the database. Of most value may be the fact that you do not have to program the auditing. Oracle has already done this for you.