What's the relevance of auditing and securing a database in an organisation (using Oracle Database 10g)?
Question: What's the relevance of auditing and securing a database in an organisation (using Oracle Database 10g)?
Writing a project on it… I need help because I’m stuck!
database auditing
Best answer:
Answer by yuntaa_dba
Hi –
Since major corporations store their most sensitive and mission-critical data inside the Oracle Database, it’s paramount for them to secure that data as well as audit who is accessing that data.
Securing data in Oracle 10g can be done in several ways. The starting point is actually not even in the database, but rather the server and ports on the server running the database. These must be secured first, to prevent hackers from even getting a chance to find your database. Next, at the database itself, start by creating “strong” passwords for your users. A “strong” password is one that can’t be easily guessed (like any word in the dictionary, or something like “azerty” or “password123”). Luckily, in Oracle 10g, most accounts that were typically unlocked by default in previous versions are now locked by default. Once “strong” passwords are given, then practice “least privileges”. This means only granting the least amount of privileges necessary for a user to do their job. Don’t grant everyone DBA privileges. Grant specific privileges instead of general roles. Or better yet, grant privileges you are sure you need to your own roles, then grant those roles to your users.
From here, you can get more advanced with Transparent Encryption (encrypts data in columns), Fine Grained Access Control, Contexts . . . The list goes on. An excellent reference is David Knox. A Google search or a purchase of his book on amazon.com would be a good investment.
For auditing, you need to know who is viewing your data. Auditing at the database level is acceptable if required by the FDA or other agency that could shut down your business if it wants to. For just keeping tabs on who is doing what in the database, you can set up auditing on a table or schema. You can also use Contexts to capture IP addresses, machine names, usernames, etc. of users in the database and what they’re doing. Triggers can also be used in FGAC to capture before and after images of data and who did what to what object.
OK, I guess that’ll get you started anyways.
Some good links for research information:
www.otn.oracle.com (Documentation Tab)
http://asktom.oracle.com
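Added example, not part of the original answer: a sketch in Oracle SQL of the three measures the answer describes, namely a custom least-privilege role, object auditing on a table, and a trigger that records before/after values with session context. All object, role and user names (`salaries`, `salaries_audit`, `salary_reader`, `report_user`) are hypothetical, and the script assumes the `AUDIT_TRAIL` initialization parameter is set to `DB`.

```sql
-- Added example; every table, role and user name here is hypothetical.
-- Assumes an existing account REPORT_USER and AUDIT_TRAIL=DB in the
-- init parameters (static parameter: needs an instance restart).

-- Sample table, created in the current schema.
CREATE TABLE salaries (
  emp_id NUMBER PRIMARY KEY,
  amount NUMBER(10,2) NOT NULL
);

-- Least privilege: grant only the needed object privilege to a custom
-- role, then grant that role to the user instead of DBA.
CREATE ROLE salary_reader;
GRANT SELECT ON salaries TO salary_reader;
GRANT salary_reader TO report_user;

-- Object auditing: one audit record per statement that touches the table.
AUDIT SELECT, INSERT, UPDATE, DELETE ON salaries BY ACCESS;

-- Trigger-based audit: before/after values plus session context.
CREATE TABLE salaries_audit (
  changed_at  TIMESTAMP,
  db_user     VARCHAR2(30),
  os_user     VARCHAR2(255),
  client_ip   VARCHAR2(64),
  client_host VARCHAR2(255),
  emp_id      NUMBER,
  old_amount  NUMBER(10,2),
  new_amount  NUMBER(10,2)
);

CREATE OR REPLACE TRIGGER salaries_audit_trg
AFTER UPDATE OF amount ON salaries
FOR EACH ROW
BEGIN
  INSERT INTO salaries_audit VALUES (
    SYSTIMESTAMP,
    SYS_CONTEXT('USERENV', 'SESSION_USER'),
    SYS_CONTEXT('USERENV', 'OS_USER'),
    SYS_CONTEXT('USERENV', 'IP_ADDRESS'),  -- NULL for local, non-network sessions
    SYS_CONTEXT('USERENV', 'HOST'),
    :OLD.emp_id, :OLD.amount, :NEW.amount
  );
END;
/

-- Review who touched the table (needs SELECT on DBA_AUDIT_TRAIL).
SELECT username, userhost, timestamp, action_name
FROM   dba_audit_trail
WHERE  owner = USER AND obj_name = 'SALARIES'
ORDER  BY timestamp;
```

The audit table should be writable only through the trigger's owner, so that the users being audited cannot alter their own records.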