Download Audit Application - Almaden

Transcript
Extreme Blue
Eunomia
HDB Compliance Auditing
System Architecture
© 2004 IBM Corporation
Eunomia system overview
Two components:
• Component 1: the logging tool will record the extra information necessary to determine “who accessed which data?”
• Component 2: the audit tool will retrieve this information from the logs to answer questions about data access.
Eunomia Compliance Auditing | System Architecture
Eunomia system overview
[Diagram labels: Requests for Personal Information; Chief Privacy Officer; Enterprise Application; Audit Tool; Eunomia Interface; Log Retrieval API; DB2]
Piece 1: The Logging Tool
Overview of logging from 50,000 feet
[Diagram comparing the stack before and after Eunomia is added; labels: Enterprise Application; DB2 Driver API; JDBC; Eunomia Interface; DB2]
Overview of logging from 50,000 feet
We want to:
• minimize the overhead of storing extra logging information
• defer as much computational expense as possible
Overview of logging from 50,000 feet
Solution:
• query logs – record all queries for data
• transaction log – record all changes to data in the database in shadow tables
• at audit time, calculate from the shadow tables which information was accessed by which queries
Overview of query logging
[Diagram labels: Enterprise Application; Query Handler; Write Log; JDBC Interface; Query; Query Logs; Data]
Overview of backlogging
[Diagram labels: Personal Information Tables; Triggers on Update, Insert, and Delete; Shadow Tables]
• Shadow tables maintain a temporal log of all information stored in the actual data tables.
• Suppose you want to know what the database looked like at a certain point in time.
  • First select the set of records that have an earlier timestamp than your desired date.
  • From that set, then select the set of records that have the latest timestamp.
PACT configuration wizard
• an automated tool for configuring a database to support logging
• a database administrator can specify a database connection which the wizard will analyze
• the wizard will generate and execute the SQL necessary to augment the existing database tables
Eunomia configuration wizard
[Flowchart steps: prompt admin for database settings; analyze database tables; create shadow tables; populate shadow tables with current table information; create query log table]
Overview of logging from 1000 feet
[Diagram labels: Logs; Applications; DBA; PACT Driver; Eunomia Configuration Tool; Data Tables; Triggers; Shadow Tables; Audit Tools; CPO]
Overview of logging from 100 feet
[Diagram labels: DBA; Doctor; Applications; query and query results; Pact Configuration Wizard; Eunomia Interface; JSP/GUI Interface; JDBC Interface; Log Setup; BacklogSQLGenerator; query record; JDBC Interface; setup query logs; setup backlogs; read schema; Logs; Data; Triggers; Shadow Tables]
Piece 2: The Audit Tool
Overview of auditing from 50,000 feet
[Diagram labels: Logs; Shadow Tables; Log Retrieval API; Audit Tool]
Overview of auditing from 50,000 feet
• Auditing tools only care about questions like “What information was accessed by doctor X on date Y, in response to query Z.” The auditing tools would love to have the log data in the following format:

Query                   Date      Requester  Fields Accessed  Data Returned
select * from patients  2/1/2004  Dr. Haas   record 7->name   Joseph Laws
select * from patients  2/1/2004  Dr. Haas   record 7->age    20
select * from patients  2/1/2004  Dr. Haas   record 7->SSN    123-45-6789

Note – table is just a quick illustration of how the auditing tools would like to get at the data. Don’t nit-pick it.
• Unfortunately, processing all of the query log and backlog data to put it in this format is computationally expensive. Instead, it is necessary to process the data on the fly using a SQL query rewrite engine.
• This layer of complexity is hidden within the “Log Retrieval API,” which will translate the data from the log format to the format the audit tools want to use it in.
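The shadow-table lookup from the backlogging slide and the deferred audit-time computation described above, as an added example that is not code from the Eunomia project. Assumptions: SQLite stands in for DB2, the table names, logical clock and helper names are constructed, and the logged query is rerun against a rebuilt snapshot instead of going through a SQL rewrite engine.

```python
import sqlite3

# Constructed schema: SQLite stands in for DB2; "clock" is a logical timestamp source.
SCHEMA = """
CREATE TABLE patients (id INTEGER PRIMARY KEY, name TEXT, age INTEGER, ssn TEXT);
CREATE TABLE patients_shadow (ts INTEGER, op TEXT, id INTEGER, name TEXT, age INTEGER, ssn TEXT);
CREATE TABLE query_log (ts INTEGER, requester TEXT, sql TEXT);
CREATE TABLE clock (now INTEGER); INSERT INTO clock VALUES (0);
"""
# Rows not later than :t, then the latest of those per record; a final delete hides it.
AS_OF = """
SELECT s.id, s.name, s.age, s.ssn FROM patients_shadow s
WHERE s.op <> 'D' AND s.ts =
  (SELECT MAX(i.ts) FROM patients_shadow i WHERE i.id = s.id AND i.ts <= :t)
"""

def tick(db):
    db.execute("UPDATE clock SET now = now + 1")
    return db.execute("SELECT now FROM clock").fetchone()[0]

def logged_query(db, requester, sql):  # stand-in for the logging driver
    db.execute("INSERT INTO query_log VALUES (?, ?, ?)", (tick(db), requester, sql))
    return db.execute(sql).fetchall()

def snapshot(db, t):
    return db.execute(AS_OF, {"t": t}).fetchall()

def audit(db, requester):  # deferred work: replay each logged query on its snapshot
    out = []
    logged = db.execute("SELECT ts, sql FROM query_log WHERE requester = ? ORDER BY ts", (requester,))
    for ts, sql in logged.fetchall():
        scratch = sqlite3.connect(":memory:")
        scratch.execute("CREATE TABLE patients (id, name, age, ssn)")
        scratch.executemany("INSERT INTO patients VALUES (?, ?, ?, ?)", snapshot(db, ts))
        out.append((ts, sql, scratch.execute(sql).fetchall()))
    return out

def demo():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    for op, row in (("INSERT", "NEW"), ("UPDATE", "NEW"), ("DELETE", "OLD")):
        db.execute(f"CREATE TRIGGER patients_{op} AFTER {op} ON patients BEGIN "
                   f"UPDATE clock SET now = now + 1; INSERT INTO patients_shadow SELECT now, "
                   f"'{op[0]}', {row}.id, {row}.name, {row}.age, {row}.ssn FROM clock; END")
    db.execute("INSERT INTO patients VALUES (7, 'Joseph Laws', 20, '123-45-6789')")
    logged_query(db, "Dr. Haas", "select * from patients")
    db.execute("UPDATE patients SET age = 21 WHERE id = 7")
    db.execute("DELETE FROM patients WHERE id = 7")
    return db
```

After `demo()`, the live table is empty, yet `audit(db, "Dr. Haas")` still recovers the row the query returned at the time it was logged.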
Overview of auditing from 1000 feet
[Diagram labels: Logs; Shadow Tables; JDBC and SQL; Log Retrieval Layer; SQL Rewrite Engine; Request Processor; Result Processor; Log Retrieval API; Audit Application; Tools For Viewing Logs; Tools for Comparing Logs Against Privacy Policies]
Queries and Query Sets
• An auditor may want to retrieve a set of queries, and then process and analyze the queries in a number of ways.
• We will create “Query” objects and Query Sets, which will represent the query information retrieved from the database.
• This will eliminate repeat computation when someone wants to process a set of queries in multiple ways.
Queries and Query Sets
[Diagram labels: Database; JDBC: SQL and ResultSet Objects; Log Retrieval API; Query and QuerySet Objects; Audit Tool]