Government regulations and increased awareness of security issues have increased the auditing requirements of information technology systems. The goal of an auditing system is to determine if security and other policies are being violated. It provides the way to detect intrusions into the system, including privileged users and also provide periodic report of system usage and data modifications. Auditing can also be used to detect and recover database systems in case of system failure or human errors. Thus auditing is a key part of the security infrastructure in a database system. While commercial database systems provide mechanisms such as triggers that can be used to track and log any changes made to “sensitive” data using UPDATE queries, they are not useful for tracking accesses to sensitive data using complex SQL queries, which is important for many applications given recent laws such as HIPAA. This paper focuses on a framework for auditing queries and several different notions of suspiciousness for simple SQL queries. It also focuses on notion of SELECT triggers that extends triggers to work for SELECT queries in order to facilitate data auditing.
Data auditing, SQL query auditing, SELECT Triggers.
[1] R. Agrawal, R. J. Bayardo, C. Faloutsos, J. Kiernan, R. Rantzau, and R. Srikant “Auditing compliance with a hippocratic database.”, In VLDB, 2004.
[2] R. Motwani, S. U. Nabar, and D. Thomas “Auditing SQL queries”, In ICDE, 2008.
[3] Rajeev Motwani, Shubha U. Nabar, Dilys Thomas, “Auditing a Batch of SQL Queries”, Data Engineering Workshop (ICDE Wkshp), 2007 IEEE 23rd International Conference
[4] Daniel Fabbri #1, Ravi Ramamurthy _2, Raghav Kaushik _“SELECT Triggers For Data Auditing”, 2013 IEEE, ICDE Conference 2013
[5] D. Fabbri, K. LeFevre, and Q. Zhu-.”Policy Replay: Misconfiguration response queries for data breach reporting”, In VLDB, 2010.
Department of Information Technology, Mumbai University/ Pillai’s Institute if Information Technology, New Panvel, India, (e-mail: inglevidya@rediffmail.com).
