AUDIT OF CHANGES TO SQL SERVERDATABASE TABLES
DOI:
https://doi.org/10.18372/2410-7840.23.15432Keywords:
database, program-driven data protection, registration and audit, cancelation of unwanted changes in the databaseAbstract
The registration and audit subsystemis an inalienable
component of information systems. All modern DBMS
have the ability to register and process information about
performedoperations. SQL Server since version 2008 has
the ability to define an audit specification [1] at the server
or database level. However, the data from the system
audit does not consider the requirements of theinformation system’s business model. It becomes necessary to
customize the registration process considering the specifics of the subject area. In addition, the most important
task of database protection is to ensure data integrity. In
modern complex IS a number of tables must be protected
from unwanted change operations (inserts, updates and
deletions). Audit data can be used to cancel such unwanted actions. In this case, there is not enough information
in the system logs. This article discusses an approach to
solving the audit of changes to DB tables problem in
order to prevent unwanted data changes. This approach is
implemented in the form of a methodology of creating
database objects with the help of which user actions are
registered and unwanted changes can be canceled. To
solve the problem of user actions registration it is proposed to use a separate database schema for audit, a special audit table and triggers of the DB information tables.SQL procedures are proposed for unwanted changes
cancellation. The software implementation that makes it
possible to use it as part of automated DB protection is
given for each stage of methodology.
References
SQL Server [Електронний ресурс] – Режим доступу до ресурсу: https://docs.microsoft.com/en-us/pre vious-versions/sql/sql-server-2008/dd392015 (v=sql. 100)?redirecte dfrom=MSDN.
SQL_Server [Електронний ресурс] – Режим доступу до ресурсу: https://docs.microsoft.com/en-us/pre vious-versions/sql/sql-erver08/dd283095(v=sql.100)
?redirected from=MSDN.
Security [Електронний ресурс] – Режим доступу до ресурсу: https://docs.microsoft.com/en-us/sql/rela tional-databases/security/contained-database-users-making-your-database-portable?view=sql-server-ver 15.
SQL Server [Електронний ресурс] – Режим доступу до ресурсу: https://docs.microsoft.com/en-us/sql/ t-sql/statements/create-role-transact-sql?view=sql-se rver-ver15.
Audit_triggers [Електронний ресурс] – Режим до-ступу до ресурсу:https://github.com/ForAudit/ SQLaudit/blob/master/Audit_triggers_proc.sql.
Downloads
Published
Issue
Section
License
Authors who publish with this journal agree to the following terms:- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).
