Database security is becoming an increasingly imperative aspect of modern business practices as breaches of repositories containing sensitive information evoke high profile headlines, and resulting damages stemming from such a breach can be substantial. There is a modern trend towards a heightened duty that keepers of sensitive information have towards safeguarding databases from unauthorized access. Further, when such breaches do occur, it becomes equally as important to identify the scope of the breach so that appropriate mitigation activities may ensue. Accordingly, database access control and auditing mechanisms are often employed to protect and monitor access to a database.
Traditional database (DB) security has focused on user based security, typically via access based control. Such an approach establishes a privileged class of users, such as administrators and supervisory personnel. A presumption of trust tends to accompany these “super user” roles, since they are empowered with substantial access privileges, including the ability to modify the privileges of other users to include the “super user” status. Modern security implementation and auditing principles, however, strive for complete access coverage and monitoring. Exemption of a particular subset of such super users avoids the finely tuned scrutiny demanded by modern security approaches.