Database Security: Auditing

Database auditing is used to track database access and user activity.

Auditing can be used to identify who accessed database objects, what actions were performed, and what data was changed.

Database auditing does not prevent security breaches, but it does provide a way to identify if breaches have occurred.

Auditing plays a central role in a comprehensive database security plan. The primary weakness of the audit process is the time delay between when data is recorded and when analysis is performed.
Consequently, breaches and other unauthorized activities are identified after the fact,making it difficult to mitigate adverse effects in a timely manner. However, solutions are being introduced that allow for real-time monitoring of database activity looking for patterned events
indicative of potential breaches and enacting real-time notification to database administrators when such actions occur. Whatever the case, database auditing is a necessary process, and students must be made aware of the need for continuous monitoring of database log files.