1. Field of the Invention
The present invention relates to databases. More specifically, the present invention relates to a method and an apparatus for detecting data tampering within a database.
2. Related Art
Many companies and organizations store important data in databases, and security of this data is a vitally important concern. Databases provide various features to protect this data, including authentication, authorization and auditing. In order to be authenticated, users typically need to validate their identity before they can connect to the database. Furthermore, once they are authenticated, they are typically only allowed to access the data that they have been granted privileges to access. Finally, operations that the user performs are typically audited for various purposes.
The above-described features are typically sufficient for most users; however, there are two types of users who can change or delete the data, and the above model does not apply to them. The first type of user is the privileged database user. Privileged database users typically have access to all the data in the database, and can perform any operation they want within the database. The second type of users is the privileged Operating System (OS) user. Since the database files reside on a file system, these privileged OS users can bypass the database access controls and modify the database files directly.
To mitigate the above-described problems, database administrators can limit the number of privileged users for the database, or can otherwise tighten control over accounts for these privileged users. However, in some critical systems like financial databases or audit databases, this is not sufficient. Recent compliance regulation changes, such as the Sarbanes-Oxley Act, require companies to prevent tampering with sensitive data.
Hence, what is needed is a method and an apparatus for securing data in a database system in a manner that is tamper-evident without the problems listed above.