Karen Hill wrote:
> We know that Oracle and SUN/Solaris go together quite well on high end
> installs. To insure an audit trail for BASEL , HIPPA, Sarbanes Ox and
> other federal laws, one can ship oracle logs to an offsite server.
> Yet, how can this guarentee an audit trail, when Solaris does not
> support immutable files? Immutable files are files where not even root
> can change/delete/move a file set as immutable.

The secret it to keep audit trails inside the database and create an
audit trail of any attempt to alter it.

How can I tell if the audit trail's been altered?
One way is to apply DBMS_CRYPTO to the data.
Data alteration becomes impossible.

Want additional methods? Apply some of Oracle's built-in capabilities
such as checksums. Here are a list of topics you can look up in Morgan's
Library at www.psoug.org that may help.

DBMS_CRYPTO
OWA_OPT_LOCK.CHECKSUM
OWA_OPT_LOCK.VERIFY_VALUES
--
Puget Sound Oracle Users Group