
Auditing and Forensic Analysis

  • Reference work entry
Encyclopedia of Database Systems

Synonyms

Accountability; Monitoring

Definition

The goal of database auditing is to retain a secure record of database operations that can be used to verify compliance with desired security policies, to trace policy violations, or to detect anomalous patterns of access. An audit log can contain the authorization ID and time stamp of read and write operations in the database, as well as a record of server connections, login attempts and authorization changes. Government and institutional regulations for the management of sensitive information often require auditing of data disclosure and data modification.
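One way to make such a record tamper-evident, shown as an added example rather than code from the encyclopedia entry: each audit record carries an HMAC that also covers the previous record's HMAC, so a later edit or deletion is detectable by anyone holding the key. The field names, `DEMO_KEY` and the sample events are constructed assumptions, as is the choice of HMAC chaining itself.

```python
# Added illustration (not from the encyclopedia entry): HMAC-chained audit log.
import hashlib
import hmac
import json

GENESIS = "0" * 64                     # "previous MAC" value for the first record
DEMO_KEY = b"constructed-demo-key"     # constructed; a real key lives outside the DBMS

def _mac(key, rec):
    # MAC over every field except the MAC itself, in a canonical JSON encoding.
    fields = {k: v for k, v in rec.items() if k != "mac"}
    msg = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def append_record(log, key, auth_id, ts, op, obj):
    """Append an audit record chained to the MAC of the record before it."""
    rec = {"seq": len(log), "auth_id": auth_id, "ts": ts, "op": op,
           "object": obj, "prev": log[-1]["mac"] if log else GENESIS}
    rec["mac"] = _mac(key, rec)
    log.append(rec)
    return rec

def verify(log, key):
    """Return the index of the first record that fails the check, or None."""
    prev = GENESIS
    for i, rec in enumerate(log):
        if rec["seq"] != i or rec["prev"] != prev:
            return i                   # record removed, reordered or inserted
        if not hmac.compare_digest(rec["mac"], _mac(key, rec)):
            return i                   # record contents altered
        prev = rec["mac"]
    return None                        # tail truncation needs an external anchor

def sample_log(key=DEMO_KEY):
    # Constructed events covering the record types the entry lists.
    events = [
        ("app_ro", "2024-01-05T09:00:01Z", "LOGIN_FAILED", "server"),
        ("app_ro", "2024-01-05T09:00:07Z", "CONNECT", "server"),
        ("app_ro", "2024-01-05T09:01:12Z", "READ", "patients"),
        ("dba1", "2024-01-05T09:02:30Z", "GRANT", "patients"),
        ("app_ro", "2024-01-05T09:03:44Z", "WRITE", "patients"),
    ]
    log = []
    for auth_id, ts, op, obj in events:
        append_record(log, key, auth_id, ts, op, obj)
    return log

if __name__ == "__main__":
    log = sample_log()
    print("intact:", verify(log, DEMO_KEY))
    log[3]["auth_id"] = "app_ro"       # simulate an after-the-fact edit
    print("first bad record:", verify(log, DEMO_KEY))
```

The chain detects edits, insertions and removals inside the log; detecting removal of the newest records requires storing the latest MAC or record count somewhere the database administrator cannot write.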

Database forensics is the analysis of the state of a database system to validate hypotheses about past events that are relevant to an alleged crime or violation of policy. Evidence supporting a forensic analysis may be found in an audit log (if available) but may also be recovered from any other component of a database system including table storage, the transaction log, temporary...




Corresponding author

Correspondence to Brian Levine.


© 2018 Springer Science+Business Media, LLC, part of Springer Nature


Cite this entry

Levine, B., Miklau, G. (2018). Auditing and Forensic Analysis. In: Liu, L., Özsu, M.T. (eds) Encyclopedia of Database Systems. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-8265-9_30
