Why Oracle 12c Has Introduced Two New Roles – AUDIT_ADMIN And AUDIT_VIEWER.

3/12/2019 Originality Report

https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=043902cf-f693-4caf-93d5-0ab98b9f46b9&course_id… 1/3

%50

%19

SafeAssign Originality Report Database Security – 201930 – CRN160 – Thota • Week 8 Paper

%71Total Score: High riskPratibha Sugureddygari Submission UUID: b0b91467-9346-6662-c8c8-6d32b50133c4

Total Number of Reports

1 Highest Match

71 % Submission_Text.html

Average Match

71 % Submitted on

03/10/19 10:12 PM EDT

Average Word Count

670 Highest: Submission_Text.html

%71Attachment 1

Institutional database (6)

Student paperStudent paper Student paperStudent paper Student paperStudent paper

Internet (4)

oracle-baseoracle-base ugentugent oracleoracle

oracleoracle

Global database (1)

Student paperStudent paper

Top sources (3)

Excluded sources (0)

View Originality Report – Old Design

Word Count: 670 Submission_Text.html

33 11 22

44 1010 88

99 1111 77

33 Student paperStudent paper 11 Student paperStudent paper 99 oracle-baseoracle-base

https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport?attemptId=043902cf-f693-4caf-93d5-0ab98b9f46b9&course_id=_43338_1&download=true&includeDeleted=true&print=true&force=true

3/12/2019 Originality Report

https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=043902cf-f693-4caf-93d5-0ab98b9f46b9&course_id… 2/3

Source Matches (19)

Student paper 100%

Student paper 65%

Student paper 71%

Student paper 62%

AUDIT_ADMIN and AUDIT_VIEWER

To start with, auditing is the monitoring and recording of configured database actions form both the users of the database as well as the database non-users.

The actions of the database users are known through database auditing. Database administrators set up the auditing for the sake of security purposes so that

users are not able to access information without permission. Therefore, database auditing helps in keeping a check on the actions of the database of the users.

The users who are accepted in the through the client _identifier attribute in the database are referred to as the non-database users. Auditing this type of users

unified audit policy condition or Oracle database real application security is used.

There are many advantages associated with auditing. Firstly, Auditing is important in that it allows accountability for actions such as actions taken on the schema,

table, or row which affects specific content (Groomer, & Murthy, 2018). Secondly, it helps in deterring intruders or users from inappropriate actions based on

their accountability. Thirdly, auditing notifies auditors of actions of an authorized user for instance when an intruder changes or deletes any file or if an operator has extra rights than anticipated. Lastly, auditing helps in data monitoring and data gathering concerning a particular event in the database such the tables updating, the logical I/Os being completed or the simultaneous operators who can link in the at the pick times.

It is possible to configure the audit for both successful and failed activities as well as including or excluding specific users from the audit. Apart from auditing the

standard activities provided by the database, auditing can also initially; users were allowed adding and removing audit configuration to objects in their own schemas without any additional privileges. However with the introduction of two new roles by oracle 12c which are AUDIT_ ADMIN and AUDIT_ VIEWER the case is totally

different. The two new roles facilitate responsibilities separation in the process of auditing. In audit configuration, it is not necessary having the dba role or connecting as sysdba. In the side of security, this is a very big improvement.

AUDIT_ADMIN is used by the administrators in configuring, auditing and administration of both unified audit policies and fine-grained policies and this role also

helps in viewing and analyzing audit data, which is the primary role of the security administrator (Ravikumar, Krishnakumar, & Basha, 2017). In order for an

auditor to perform any kind of auditing, they must be granted the audit admin_ role. Having an AUDIT_ADMIN, creating, altering, enabling, disabling and dropping audit policies, viewing audit data, as well as managing the trail of unified audit becomes easier for auditors. AUDIT_VIEWER, on the other hand, is used by the

auditors in viewing and analyzing audit data only. This role is typically granted to the external auditors, and the auditors can only view audit data after being granted the AUDIT_VIEWER role. It provides the executive privilege on the package of DBMS_AUDIT_UTIL PL/SQL.

The provision of these two new roles is helpful in that it provides an audit performance which is much faster as compared to the previous releases of the Oracle database. It has easier controlling how the audit records are written on the audit trail. The audit data can be written immediately or it can also be queued in the memory. The introduction of audit policies and the unified audit trail has helped in simplifying the configuration of database auditing in Oracle 12c. The auditing

of the database has always been extremely flexible; however, this flexibility has always made feel complicated.

References

Groomer, S. M., & Murthy, U. S. (2018). Continuous auditing of database applications: An embedded audit module approach. In Continuous Auditing: Theory

and Application (pp. 105-124). Emerald Publishing Limited.

http://www.dba86.com/docs/oracle/12.2/DBSEG/introduction-to-auditing.htm

Ravikumar, Y. V., Krishnakumar, K. M., & Basha, N. (2017). Oracle Database Upgrade and Migration Methods: Including Oracle 12c Release 2. Apress.

11 11

1010

1111 1111

Student paper

AUDIT_ADMIN and AUDIT_VIEWER

Original source

audit-admin and audit-viewer

Student paper

To start with, auditing is the monitoring and recording of configured database actions form both the users of the database as well as the database non- users.

Original source

Auditing involves monitoring as well as recording on all configured databases actions from databases users and non- users

Student paper

The actions of the database users are known through database auditing. Database administrators set up the auditing for the sake of security purposes so that users are not able to access information without permission. Therefore, database auditing helps in keeping a check on the actions of the database of the users.

Original source

Database auditing is required to keep a check on the database actions of the users For security purposes, database administrators set up the auditing for example cases where without the permission to access information the users should be able to not access it Database auditing is required to keep a check on the database actions of the users

Student paper

The users who are accepted in the through the client _identifier attribute in the database are referred to as the non- database users.

Original source

Non database users are recognized by the database by using the attribute called CLIENT_IDENTIFIER and also it refers only to the application users

3/12/2019 Originality Report

https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=043902cf-f693-4caf-93d5-0ab98b9f46b9&course_id… 3/3

oracle 68%

Student paper 64%

oracle 71%

Student paper 72%

Student paper 65%

Student paper 66%

Student paper 72%

Student paper 63%

oracle-base 75%

Student paper 100%

ugent 100%

Student paper

Auditing this type of users unified audit policy condition or Oracle database real application security is used.

Original source

Configuring a Unified Audit Policy for Oracle Database Real Application Security

Student paper

There are many advantages associated with auditing.

Original source

There are many advantages that are associated with computer audit software

Student paper

Secondly, it helps in deterring intruders or users from inappropriate actions based on their accountability.

Original source

Deter users (or others, such as intruders) from inappropriate actions based on their accountability

Student paper

It is possible to configure the audit for both successful and failed activities as well as including or excluding specific users from the audit.

Original source

The audit can be configured for both failed and successful activities, as well as including or excluding particular users from the process

Student paper

However with the introduction of two new roles by oracle 12c which are AUDIT_ ADMIN and AUDIT_ VIEWER the case is totally different.

Original source

Oracle 12c has introduced two new roles – AUDIT_ADMIN and AUDIT_VIEWER for unified auditing

Student paper

AUDIT_ADMIN is used by the administrators in configuring, auditing and administration of both unified audit policies and fine-grained policies and this role also helps in viewing and analyzing audit data, which is the primary role of the security administrator (Ravikumar, Krishnakumar, & Basha, 2017).

Original source

AUDIT_ADMIN is the role which enables the administrator to configure auditing and administer both unified audit policies and fine-grained audit policies and view and analyze audit data, which is the role of a security administrator

Student paper

In order for an auditor to perform any kind of auditing, they must be granted the audit admin_ role.

Original source

To perform any kind of audits you must be granted the Audit_Admin Role

Student paper

AUDIT_VIEWER, on the other hand, is used by the auditors in viewing and analyzing audit data only.

Original source

And another AUDIT_VIEWER used for viewing and analyzing the data in auditing

Student paper

The introduction of audit policies and the unified audit trail has helped in simplifying the configuration of database auditing in Oracle 12c. The auditing of the database has always been extremely flexible;

Original source

The introduction of audit policies and the unified audit trail simplifies the configuration of database auditing in Oracle 12c Database auditing has always been extremely flexible, but that flexibility has also served to make it feel complicated

Student paper

M., & Murthy, U.

Original source

M., & Murthy, U

Student paper

Continuous auditing of database applications: An embedded audit module approach. In Continuous Auditing: Theory and Application (pp.

Original source

Continuous auditing of database applications An embedded audit module approach In Continuous Auditing Theory and Application (pp

Student paper

Emerald Publishing Limited.

Original source

Emerald Publishing Limited

Student paper

http://www.dba86.com/docs/oracle/12.2/ DBSEG/introduction-to-auditing.htm

Original source

http://www.dba86.com/docs/oracle/12.2/ DBSEG/introduction-to-auditing.htm

Student paper

V., Krishnakumar, K. M., & Basha, N.

Original source

V, Krishnakumar, K M, & Basha, N

Student paper

Oracle Database Upgrade and Migration Methods: Including Oracle 12c Release 2.

Original source

Oracle Database Upgrade and Migration Methods Including Oracle 12c Release 2

Why Oracle 12c Has Introduced Two New Roles – AUDIT_ADMIN And AUDIT_VIEWER.

Do you need a similar assignment done for you from scratch? Order now!
Use Discount Code "Newclient" for a 15% Discount!

DISCLAIMER

PAYMENT METHODS

CONTACT US

E MAIL:

Archive

Do you need a similar assignment done for you from scratch? Order now! Use Discount Code "Newclient" for a 15% Discount!

Share this:

DISCLAIMER

PAYMENT METHODS

CONTACT US

E MAIL:

Archive

Do you need a similar assignment done for you from scratch? Order now!
Use Discount Code "Newclient" for a 15% Discount!