Pete Finnigan's Oracle Security Forum (http://www.petefinnigan.com/forum/yabb/YaBB.cgi)
Database Security >> Database Security >> database applications access logging
(Message started by: Pete Finnigan on Aug 20th, 2009, 4:30pm)

Title: database applications access logging
Post by Pete Finnigan on Aug 20th, 2009, 4:30pm
Hi.I'm starting a new project which covers overall organization information security.My background is essentially in networking arena so i'm starting getting my feet wet into database security field.
My question is what would be an efficient approach to monitor access violations to applications connect to databases? Our engine is DB2 (yeah i know wrong forum but this forum seems only devoted to security in database) so i'd like to hear from experts what would be a strategy to detect our main concern which is how to tell if some users are inapropiatelly accessing information.My first thinking was detecting a compromised database user id would be difficult and that we should focus on:

Database Auditing
Failed Authentication Detection

How could i achieve this? Is this the right approach?

Thank you



Powered by YaBB 1 Gold - SP 1.4!
Forum software copyright 2000-2004 Yet another Bulletin Board