Computer users, such as, corporations and governmental entities increasingly store critical data in computing systems. One common computing system for storing large amounts of critical data is a relational database management system (RDBMS). Generally, an RDBMS stores multiple databases. Generally a database supports a single business application and is comprised of one or more tables. A table stores data in logical horizontal rows. The table columns represent fields. To allow for retrieval of desired data, at least one key column is provided that contains unique values such that no two rows contain the same values in a particular key column. For example, in a database storing customer financial information, a column field may be an account balance and the key column may be the customer's social security number or account number.
A front end program typically provides users access to the database. For example, an operator in a call center may use a customer resource management (CRM) program to access data stored in an RDBMS. A user typically can only view and modify certain information stored in the database and cannot create new databases, tables or fields. The user's access to the database may be monitored through the front end program.
Databases in such RDBMS' can store sensitive information, such as financial records, health records and insurance records. Corporations often seek to safeguard the information stored in computing systems against accidental and intentional modification. One approach is to limit access rights to the RDBMS by creating a subset of users who are privileged users with the ability to access features of backend of the RDBMS.
Certain database maintenance tasks are typically performed by a privileged user, such as a database administrator (DBA), with direct access to the database. A privileged user may access an RDBMS to, for example, create new databases, tables, fields or modify data. A privileged user may use administrative front end programs to perform the maintenance tasks or may directly access the RDBMS using structured query language (SQL). A privileged user may have access to view, modify and delete any data in the RDBMS.
Corporations increasingly must monitor privileged user access to corporate computing systems. Intentional data theft of personal information places a corporation's customers at risk of identity theft. Additionally, employees have inappropriately accessed celebrity's personal information. In response to these and other situations, the government requires that corporations track access to certain types of financial and other data. For example, under the Sarbanes-Oxley Act, companies must evaluate and enact certain controls to prevent and detect fraud.