Overview of Database Query Auditing Techniques

Ms. Vidya Ingle; Prof. Manjusha Deshmukh

Abstract

Government regulations and increased awareness of security issues have increased the auditing requirements of information technology systems. The goal of an auditing system is to determine if security and other policies are being violated. It provides the way to detect intrusions into the system, including privileged users and also provide periodic report of system usage and data modifications. Auditing can also be used to detect and recover database systems in case of system failure or human errors. Thus auditing is a key part of the security infrastructure in a database system. While commercial database systems provide mechanisms such as triggers that can be used to track and log any changes made to “sensitive” data using UPDATE queries, they are not useful for tracking accesses to sensitive data using complex SQL queries, which is important for many applications given recent laws such as HIPAA. This paper focuses on a framework for auditing queries and several different notions of suspiciousness for simple SQL queries. It also focuses on notion of SELECT triggers that extends triggers to work for SELECT queries in order to facilitate data auditing.

Keywords

Data auditing, SQL query auditing, SELECT Triggers.

References

[1] R. Agrawal, R. J. Bayardo, C. Faloutsos, J. Kiernan, R. Rantzau, and R. Srikant “Auditing compliance with a hippocratic database.”, In VLDB, 2004.

[2] R. Motwani, S. U. Nabar, and D. Thomas “Auditing SQL queries”, In ICDE, 2008.

[3] Rajeev Motwani, Shubha U. Nabar, Dilys Thomas, “Auditing a Batch of SQL Queries”, Data Engineering Workshop (ICDE Wkshp), 2007 IEEE 23rd International Conference

[4] Daniel Fabbri #1, Ravi Ramamurthy _2, Raghav Kaushik _“SELECT Triggers For Data Auditing”, 2013 IEEE, ICDE Conference 2013

[5] D. Fabbri, K. LeFevre, and Q. Zhu-.”Policy Replay: Misconfiguration response queries for data breach reporting”, In VLDB, 2010.

Cites this article as

M. V. Ingle, P. M. Deshmukh, "Overview of Database Query Auditing Techniques", International Journal of Innovative Research in Computer Science and Technology (IJIRCST), Vol-2, no.3, pp.108-112, 2014. Available from:

Corresponding Author

Ms. Vidya Ingle

Department of Information Technology, Mumbai University/ Pillaiâ€™s Institute if Information Technology, New Panvel, India, (e-mail: inglevidya@rediffmail.com).

Download Full Paper

Download PDF

No. of Downloads: 2 | No. of Views: 1088

Diffusion Dynamics Applied with Novel Methodologies

Anmol Chauhan, Sana Rabbani, Devendra Agarwal, Nikhat Akhtar, Yusuf Perwej.

July 2024 - Vol 12, Issue 4
Design And Development of Sketch Based Image Retrieval Using Deep Learning

Dr S. A. Talekar, Shravani A. Lajurkar, Divya S. Patil, Rutika A. Benke, Pranjal A. Kunde.

May 2024 - Vol 12, Issue 3
Protecting Children from Online Grooming in India's Increasingly Digital Post-Covid-19 Landscape: Leveraging Technological Solutions and AI-Powered Tools

Dr. Deepika Rani.

May 2024 - Vol 12, Issue 3

IJIRCST

Overview of Database Query Auditing Techniques

Citations

Download Full Paper PDF

Total View 1088

Total Download 2