Home | Previous Page | Next Page

Contents

In This Introduction

About This Manual

Software Dependencies

Assumptions About Your Locale

Demonstration Databases

Documentation Conventions

Typographical Conventions

Feature, Product, and Platform

Syntax Diagrams

Example Code Conventions

Additional Documentation

Installation Guides

Informix Error Messages

IBM Informix Dynamic Server Version 10.0 and CSDK Version 2.90 Documentation Set

Compliance with Industry Standards

IBM Welcomes Your Comments

Overview of Auditing

In This Chapter

Secure-Auditing Facility

Roles for Database Server and Audit Administration

Audit Masks and Audit Instructions

Audit Instructions

Audit Configuration

Auditing On or Off

Types of Auditing

Properties of Audit Files on UNIX

Windows Application Event Log

Windows Message Server

Error Modes for Writing to an Audit File

Audit Configuration and the ADTCFG File

Access to the Audit Trail

Importance of Audit Analysis

Preparation for Audit Analysis

Strategies for Audit Analysis

Responses to Identified Security Problems

DBMS Security Threats

Primary Threats

Privileged Activity Threats

Shared-Memory Connection Threats on UNIX

Introduced Malicious Software Threats

Remote-Access Threats

Obsolete-User Threats

Untrusted Software Used in a Privileged Environment

Distributed Database Configuration Threats

Audit Administration

In This Chapter

Administrative Roles and Role Separation

Database Server Administrator

Database System Security Officer

Audit Analysis Officer

Other Administrative Roles and Users

Role Separation

Setting Up the Default and Global Masks

Specifying a Directory for the Audit Trail (UNIX)

Setting the Error Mode

Setting the Audit Level

Activating Auditing

Audit Mask Maintenance

Creating Audit Masks

Displaying Audit Masks

Modifying Audit Masks

Deleting Audit Masks

Audit Configuration Maintenance

Displaying the Audit Configuration

Starting a New Audit File

Changing the Audit Mode on UNIX

Changing the Audit Mode on Windows (and IDS)

Changing the Audit Error Mode

Turning Off Auditing

In This Chapter

Audit-Record Format

Audit Record Output Sample for Extended Parallel Server

Audit Analysis Without SQL

Audit Analysis with SQL

Planning for SQL Audit Analysis

Revoking and Granting Privileges to Protect Audit Data

Preparing Audit Analysis Records for SQL Access on Dynamic Server

Preparing Audit Analysis Records for SQL Access on Extended Parallel Server

Interpreting Data Extracted from Audit Records

In This Chapter

The onaudit Utility

Showing Audit Masks

Modifying an Audit Mask

Creating or Adding an Audit Mask

Deleting an Audit Mask

Starting a New Audit File

Showing the Audit Configuration

Changing the Audit Configuration

Specifying Auditing for Certain Utility Command Events (XPS)

The onshowaudit Utility

Appendix A. Audit Events

Audit-Event Mnemonics for IBM Informix Dynamic Server

Audit-Event Mnemonics for IBM Informix Extended Parallel Server

Audit-Event Fields

Appendix B. The ADTCFG File

ADTCFG Configuration Parameters

ADTCFG File Conventions

ADTADMMODE (XPS)

Appendix C. Accessibility

Dotted Decimal Syntax Diagrams

Home | [ Top of Page | Previous Page | Next Page | Contents | Index ]