Accession Number : ADA225528


Title :   Secure DBMS Auditor


Descriptive Note : Final technical rept. Jun 1989-Jun 1990


Corporate Author : TRUSTED INFORMATION SYSTEMS INC GLENWOOD MD NAI LABS


Personal Author(s) : Schaefer, Marvin ; Hubbard, Brian ; Sterne, Dan ; Haley, Theresa ; McAuliffe, Noelle


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/a225528.pdf


Report Date : Jul 1990


Pagination or Media Count : 123


Abstract : This report describes a study conducted in the area of auditing for trusted database management systems (TDBMS). Initially, a state-of-the-art survey was conducted to examine approaches to auditing in commercial TDBMS products and prototype TDBMS efforts. Some of the initial findings of this study based upon the extensive state-of-the-art survey include: (1) the objectives of auditing and the data of greatest value for auditing appear highly dependent upon the TDBMS application, security policy and environmental threats, (2) little evidence was found to corroborate the assumption that audit information collected by currently available operating systems is actually of use to auditors interested in the actions of database users, (3) to permit meaningful audit analysis, it may be necessary to be able to collect and correlate audit data from a number of different stages in the processing of a query, (4) intrusion detection technology may be a fruitful topic for future research, and (5) the audit system should be examined, in detail, concerning the credibility of what it records its log. Keywords: Multilevel security, Computer security, Auditing, Prototyping.


Descriptors :   *DATA PROCESSING SECURITY , *DATA MANAGEMENT , *DATA BASES , STATE OF THE ART , SECURITY , SURVEYS , PERSONNEL , INTRUSION DETECTION , AUDITING , ENVIRONMENTS , POLICIES , THREATS


Subject Categories : Computer Systems Management and Standards


Distribution Statement : APPROVED FOR PUBLIC RELEASE