Quantitative and qualitative approaches have been used in this research, which have carried out different performance characteristics of database auditing.
iv case study
Taxation chamber is governmental organization in Sudan, which responsible of gathering taxes.
The results of implementing database auditing tools yield most variations in the revelation of suspicious activities; therefore, the researcher has tested three database auditing tools (AUDIT_TRAIL, LOGMINER, FLASHBACK).
In this respect, the results demonstrate the security efficiency for each tool, moreover, the three database auditing tools which have been provided by Oracle enterprise they have been tested in the light of suspicious activities detection.
In this work, the researcher explains and clarifies the realistic implementation of database auditing tools, while table (11) illustrate the properties of the three auditing tools in detecting the suspicious activities or crimes. Hence it has been noticed that database auditing tools (AUDIT_TRAIL, LOGMINER, FLASHBACK) vary technically as well.
Tool Security feature Recovery feature Database performance
Audit_trail High None Low
Logminer High High Medium
Flashback Medium High Low
Table 1: Database Auditing Tools Features
Database AUDIT_TRAIL and LOGMINER tools significantly remain at a high level in detecting suspicious activities rather than flashback tool.
The different experiments in the above mentioned tools yield a variation in Greenwich Mean Time (GMT) time stamp precision. In this respect, the experiments have proven that LOGMINER tool better in time stamp accuracy as it has been shown in table (12) below:
Tool Time Stamp Precision
Logminer Very High
Table 2: Time Stamp Accuracy
It has been noticed in this research, mechanisms which have beenactually introduced by Oracle enterprise (AUDIT_TRAIL, LOGMINER, FLASHBACK) respect to recovery and security, however, part of these tools have been for recovery and auditing purposes.
Database auditing tools affect performances, hence, it has been noticed that significant conduction of these tools are due to the different experiment as well. The research worker has proceeded in the laboratory and compared this tool with other database security once thus; it has been show below in figure (17) below:
Figure 1 : security tool compare with auditing tool
In this work, the researcher proposes different alternative solutions to curb the SYSDBA security hole and SQL injection problem.
On the other hand, the researcher provides technique solutions for SQL injection and this way it has been done through getting around the character set problem via decreasing the user inputs and handling errors.
7.2 The Test of Research Hypothesis:
The researcher has tested the research hypothesis through the calculation of the standard error formula as it has been stated below in Table 1.3 case processing...