Join David Yahalom for an in-depth discussion in this video, Database auditing, part of Oracle Database 12c: Security.
- [Instructor] Auditing in the context of an Oracle Database is all about accountability of users' actions, knowing which user performed which action in the database. Auditing is enabled to protect and preserve the privacy of data that is stored in your database and provide early detection of users who might be misusing their database permissions. For example, if your database contains sensitive information such as sales data, list of customers, or even personal user information, you will want to do two things.
One, restrict who has access to the data. But in addition, even for users who are allowed and authorized to access and manipulate sensitive data in the database, which is known as authorization or user permissions, you would also want to track their actions. So two, track who has accessed data for protection and compliance. Having strong permissions in place and configuring proper authorization of data access does not replace auditing and user accountability.
Remember that potentially safe database users can misuse their permissions and turn bad. This is where auditing comes into play. Users will be accountable for their actions. This sometimes, in and of itself, can prevent certain users from misusing their permissions. Another example is tracking the actions of super database users such as database administrators who are tasked with maintaining the Oracle Database and making sure it runs smoothly.
These types of users usually have access to most if not all of the information stored in the database as part of their powerful permissions, so auditing these users is essential to protect any sensitive information stored in your database and make sure that these users won't misuse their permissions. The Oracle Database provides many built-in auditing capabilities that allow us to hold users accountable for their actions and provide early detection of suspicious activities and irregular data access patterns.
You don't need to rely on any external tools or utilities to track user activity in your database. You can choose to audit individual actions such as tracking which SQL statements have executed in your database. You can also track access to specific tables or data and in this type of auditing include the username, application, time of access, and more. Oracle allows us to enable auditing for both successful and failed activities such as when users access data they are allowed to access or even when users try to access data that they are not allowed to access.
You can also choose to only audit specific users and exclude others. You can audit specific tables as well as audit actions done on a specific Oracle 12c pluggable database or the entire multi-tenant container database instance. We will see how we can enable auditing and track access to data later in our course and where exactly all of this audit information is stored. Plus, of course, how we can review it.
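The auditing options described in the transcript above, as an added example that is not taken from the course: it uses Oracle 12c unified audit policies, and the schema `sales_app`, the table `customers`, the users `app_reader` and `report_user`, and all policy names are hypothetical.

```sql
-- Added example; every schema, table, user and policy name is hypothetical.
-- Run inside the pluggable database that holds the data, as a user who has
-- the AUDIT_ADMIN role.

-- 1. Track access to one specific sensitive table.
CREATE AUDIT POLICY customers_access_pol
  ACTIONS SELECT ON sales_app.customers,
          INSERT ON sales_app.customers,
          UPDATE ON sales_app.customers,
          DELETE ON sales_app.customers;

-- Enable it for specific users only; other users are not audited by it.
-- With no WHENEVER clause, successful and failed statements are both recorded.
AUDIT POLICY customers_access_pol BY app_reader, report_user;

-- 2. Record failed activity only: logon attempts that did not succeed.
CREATE AUDIT POLICY failed_logon_pol
  ACTIONS LOGON;

AUDIT POLICY failed_logon_pol WHENEVER NOT SUCCESSFUL;

-- 3. Hold privileged users accountable: audit use of the system
--    privileges that are granted through the DBA role.
CREATE AUDIT POLICY dba_role_pol
  ROLES DBA;

AUDIT POLICY dba_role_pol;

-- 4. Review what was captured (needs the AUDIT_VIEWER or AUDIT_ADMIN role).
--    RETURN_CODE is 0 for success, otherwise the ORA- error number.
SELECT event_timestamp,
       dbusername,
       client_program_name,
       action_name,
       object_schema,
       object_name,
       return_code
FROM   unified_audit_trail
WHERE  unified_audit_policies LIKE '%CUSTOMERS_ACCESS_POL%'
ORDER  BY event_timestamp DESC;

-- 5. Confirm which policies are enabled and for whom.
SELECT * FROM audit_unified_enabled_policies;
```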
Learn how to identify the major risks and security threats, and review general best practices for properly protecting and "hardening" any production database. Then, dive into hands-on demos that show how to set up user accounts, the connection between users and schemas, database object and system permissions, and roles in a multitenant environment, as well as encrypt data, audit user actions, and access to sensitive information. Plus, find out how to enable data-at-rest security via the Oracle Transparent Data Encryption and backup encryption options.
- Core concepts of Oracle database security
- Potential threats to Oracle database security
- Authentication and authorization
- Auditing access
- Data encryption
- Users and permissions
- Database roles