Oracle Preps Database Add-Ons for Secure Archiving, Audits
Specifically, it's working on Project Audit Vault, which would automatically put all audit trail information into a separate -- and secure -- database.
Currently, the audit trail flows into the database itself, where it can be accessed by database administrators. That poses obvious problems if the DBAs are the people doing bad things, said Mark Townsend, senior director for Oracle Databases. The Audit Vault could be set by senior management to funnel all that information to a database to which DBAs have no access, Townsend said.
That secure database is then subject to scrutiny by authorized personnel using all of Oracle's data mining and business intelligence tools. Oracle will also publish the APIs to that repository to open it up to third-party tools, he said.
In a similar vein, Project Data Vault would make it easier to set different access privileges for many databases running on a single server. Such consolidation typically puts diverse ERP, HR and other databases on one machine where DBAs can get access to data that perhaps they should not be privy to. Data Vault lets enterprise IT managers or integrators dole out access to each database only to each authorized DBA.
It applies the concept of "realms" to the data and lets upper management easily set privileges in a point-and click manner, Townsend said. Right now such privileges can be set but must be done manually -- a painstaking and time-consuming process.
Oracle Senior Vice President Andy Mendelsohn and Executive Vice President Chuck Rozwat talked briefly about the projects during Rozwat's Oracle OpenWorld keynote last week.
"Project Data Vault lets you create a concept called a realm…a collection of schemas," said Mendelsohn. "You can create a realm around HR, another around the financial schemas, another maybe around order processing schemas and then you can restrict your administrators to only use these powerful privileges, like create any table, just within the schemas in that realm…This solves a very important problem around consolidation of systems."
With Audit Vault, "the basic idea is to create a data warehouse full of all of your security audit information from all your systems, consolidate them into one big warehouse, and then provide you with some standard reports that let auditors understand what's going on," Mendelsohn told attendees.
Pricing and packaging is still to be determined, but it is likely both add-ons will be separate SKUs, said Townsend and Will Hardie, senior director product marketing.
Also on the security front, Oracle is slated to release its quarterly security update in mid October.