AUDIT OF CHANGES TO SQL SERVERDATABASE TABLES

Authors

DOI:

https://doi.org/10.18372/2410-7840.23.15432

Keywords:

database, program-driven data protection, registration and audit, cancelation of unwanted changes in the database

Abstract

The registration and audit subsystemis an inalienable
component of information systems. All modern DBMS
have the ability to register and process information about
performedoperations. SQL Server since version 2008 has
the ability to define an audit specification [1] at the server
or database level. However, the data from the system
audit does not consider the requirements of theinformation system’s business model. It becomes necessary to
customize the registration process considering the specifics of the subject area. In addition, the most important
task of database protection is to ensure data integrity. In
modern complex IS a number of tables must be protected
from unwanted change operations (inserts, updates and
deletions). Audit data can be used to cancel such unwanted actions. In this case, there is not enough information
in the system logs. This article discusses an approach to
solving the audit of changes to DB tables problem in
order to prevent unwanted data changes. This approach is
implemented in the form of a methodology of creating
database objects with the help of which user actions are
registered and unwanted changes can be canceled. To
solve the problem of user actions registration it is proposed to use a separate database schema for audit, a special audit table and triggers of the DB information tables.SQL procedures are proposed for unwanted changes
cancellation. The software implementation that makes it
possible to use it as part of automated DB protection is
given for each stage of methodology.

References

SQL Server [Електронний ресурс] – Режим доступу до ресурсу: https://docs.microsoft.com/en-us/pre vious-versions/sql/sql-server-2008/dd392015 (v=sql. 100)?redirecte dfrom=MSDN.

SQL_Server [Електронний ресурс] – Режим доступу до ресурсу: https://docs.microsoft.com/en-us/pre vious-versions/sql/sql-erver08/dd283095(v=sql.100)

?redirected from=MSDN.

Security [Електронний ресурс] – Режим доступу до ресурсу: https://docs.microsoft.com/en-us/sql/rela tional-databases/security/contained-database-users-making-your-database-portable?view=sql-server-ver 15.

SQL Server [Електронний ресурс] – Режим доступу до ресурсу: https://docs.microsoft.com/en-us/sql/ t-sql/statements/create-role-transact-sql?view=sql-se rver-ver15.

Audit_triggers [Електронний ресурс] – Режим до-ступу до ресурсу:https://github.com/ForAudit/ SQLaudit/blob/master/Audit_triggers_proc.sql.

Published

2023-02-28

Issue

Section

Articles