Visible to the public Biblio

Filters: Keyword is Security Audits  [Clear All Filters]
2021-04-27
Wang, Y., Guo, S., Wu, J., Wang, H. H..  2020.  Construction of Audit Internal Control System Based on Online Big Data Mining and Decentralized Model. 2020 Fourth International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC). :623–626.
Construction of the audit internal control system based on the online big data mining and decentralized model is done in this paper. How to integrate the novel technologies to internal control is the attracting task. IT audit is built on the information system and is independent of the information system itself. Application of the IT audit in enterprises can provide a guarantee for the security of the information system that can give an objective evaluation of the investment. This paper integrates the online big data mining and decentralized model to construct an efficient system. Association discovery is also called a data link. It uses similarity functions, such as the Euclidean distance, edit distance, cosine distance, Jeckard function, etc., to establish association relationships between data entities. These parameters are considered for comprehensive analysis.
Pozdniakov, K., Alonso, E., Stankovic, V., Tam, K., Jones, K..  2020.  Smart Security Audit: Reinforcement Learning with a Deep Neural Network Approximator. 2020 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA). :1–8.
A significant challenge in modern computer security is the growing skill gap as intruder capabilities increase, making it necessary to begin automating elements of penetration testing so analysts can contend with the growing number of cyber threats. In this paper, we attempt to assist human analysts by automating a single host penetration attack. To do so, a smart agent performs different attack sequences to find vulnerabilities in a target system. As it does so, it accumulates knowledge, learns new attack sequences and improves its own internal penetration testing logic. As a result, this agent (AgentPen for simplicity) is able to successfully penetrate hosts it has never interacted with before. A computer security administrator using this tool would receive a comprehensive, automated sequence of actions leading to a security breach, highlighting potential vulnerabilities, and reducing the amount of menial tasks a typical penetration tester would need to execute. To achieve autonomy, we apply an unsupervised machine learning algorithm, Q-learning, with an approximator that incorporates a deep neural network architecture. The security audit itself is modelled as a Markov Decision Process in order to test a number of decision-making strategies and compare their convergence to optimality. A series of experimental results is presented to show how this approach can be effectively used to automate penetration testing using a scalable, i.e. not exhaustive, and adaptive approach.
H, R. M., Shet, U. Harshitha, Shetty, R. D., Shrinivasa, J, A. N., S, K. R. N..  2020.  Triggering and Auditing the Event During Intrusion Detections in WSN’s Defence Application. 2020 3rd International Conference on Intelligent Sustainable Systems (ICISS). :1328–1332.
WSNs are extensively used in defence application for monitoring militant activities in various ways in large unknown territories. Here WSNs has to have large set of distributed systems in the form as sensors nodes. Along with security concerns, False Alarming is also a factor which may interrupt the service and downgrade the application further. Thus in our work we have made sure that when a trigger is raised to an event, images can be captured from the connected cameras so that it will be helpful for both auditing the event as well as capturing the scene which led to the triggering of the event.
Lekshmi, M. M., Subramanian, N..  2020.  Data Auditing in Cloud Storage using Smart Contract. 2020 Third International Conference on Smart Systems and Inventive Technology (ICSSIT). :999–1002.
In general, Cloud storage is considered as a distributed model. Here, the data is usually stored on remote servers to properly maintain, back up and make it accessible to clients over a network, whenever required. Cloud storage providers keep the data and processes to oversee it on capacity servers based on secure virtualization methods. A security framework is proposed for auditing the cloud data, which makes use of the proposed blockchain technology. This ensures to efficiently maintain the data integrity. The blockchain structure inspects the mutation of operational information and thereby ensures the data security. Usually, the data auditing scheme is widely used in a Third Party Auditor (TPA), which is a centralized entity that the client is forced to trust, even if the credibility is not guaranteed. To avoid the participation of TPA, a decentralised scheme is suggested, where it uses a smart contract for auditing the cloud data. The working of smart contracts is based on blockchain. Ethereum is used to deploy a smart contract thereby eliminating the need of a foreign source in the data auditing process.
Tian, Z..  2020.  Design and Implementation of Distributed Government Audit System Based on Multidimensional Online Analysis. 2020 IEEE International Conference on Power, Intelligent Computing and Systems (ICPICS). :981–983.
With the continuous progress of the information age, e-commerce, the Internet of things and other emerging Internet areas are gradually emerging. Massive amount of structured data auditing becomes a major issue. Log files and other data can be uploaded to the cloud via the Internet to guard against potential threats. Difficulty now is how to realize the data in the field of data audit query online, interactive and impromptu. There are two main methods of data warehouse, respectively is zhang table reduction method and basic data verification method. In the age of big data, data quantity increases gradually, so that the audit speed, design of the data storage and so on will be more or less problematic. If the audit task is not completed in time, it will result in the failure to store the audit data, which will cause losses to enterprises and the government. This paper focuses on the data cube physical model and distributed technical analysis, through the establishment of a set of efficient distributed and online auditing system, so as to make the data fast and efficient auditing.
Zhou, X..  2020.  Improvement of information System Audit to Deal With Network Information Security. 2020 International Conference on Communications, Information System and Computer Engineering (CISCE). :93–96.
With the rapid development of information technology and the increasing popularity of information and communication technology, the information age has come. Enterprises must adapt to changes in the times, introduce network and computer technologies in a timely manner, and establish more efficient and reasonable information systems and platforms. Large-scale information system construction is inseparable from related audit work, and network security risks have become an important part of information system audit concerns. This paper analyzes the objectives and contents of information system audits under the background of network information security through theoretical analysis, and on this basis, proposes how the IS audit work will be carried out.
Wang, S., Yang, Y., Liu, S..  2020.  Research on Audit Model of Dameng Database based on Security Configuration Baseline. 2020 IEEE International Conference on Power, Intelligent Computing and Systems (ICPICS). :833–836.
Compared with traditional databases such as Oracle database, SQL Server database and MySQL database, Dameng database is a domestic database with independent intellectual property rights. Combined with the security management of Dameng database and the requirement of database audit, this paper designs the security configuration baseline of Dameng database. By designing the security configuration baseline of Dameng database, the audit work of Dameng database can be carried out efficiently, and by analyzing the audit results, the security configuration baseline of Dameng database can be improved.
2021-03-29
Erulanova, A., Soltan, G., Baidildina, A., Amangeldina, M., Aset, A..  2020.  Expert System for Assessing the Efficiency of Information Security. 2020 7th International Conference on Electrical and Electronics Engineering (ICEEE). :355—359.

The paper considers an expert system that provides an assessment of the state of information security in authorities and organizations of various forms of ownership. The proposed expert system allows to evaluate the state of compliance with the requirements of both organizational and technical measures to ensure the protection of information, as well as the level of compliance with the requirements of the information protection system in general. The expert assessment method is used as a basic method for assessing the state of information protection. The developed expert system provides a significant reduction in routine operations during the audit of information security. The results of the assessment are presented quite clearly and provide an opportunity for the leadership of the authorities and organizations to make informed decisions to further improve the information protection system.

2021-03-22
Xu, P., Chen, L., Jiang, Y., Sun, Q., Chen, H..  2020.  Research on Sensitivity Audit Scheme of Encrypted Data in Power Business. 2020 IEEE International Conference on Energy Internet (ICEI). :6–10.

With the rapid progress of informatization construction in power business, data resource has become the basic strategic resource of the power industry and innovative element in power production. The security protection of data in power business is particularly important in the informatization construction of power business. In order to implement data security protection, transparent encryption is one of the fifteen key technical standards in the Construction Guideline of the Standard Network Data Security System. However, data storage in the encrypted state is bound to affect the security audit of data to a certain extent. Based on this problem, this paper proposes a scheme to audit the sensitivity of the power business data under the protection of encryption to achieve an efficient sensitivity audit of ciphertext data with the premise of not revealing the decryption key or data information. Through a security demonstration, this paper fully proves that this solution is secure under the known plaintext attacks.

2021-02-16
Monakhov, Y. M., Monakhov, M. Y., Telny, A. V., Kuznetsova, A. P..  2020.  Prediction of the Information Security State of the Protected Object Using Recurrent Correction. 2020 Ural Symposium on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT). :602—605.

This article presents the modeling results of the ability to improve the accuracy of predicting the state of information security in the space of parameters of its threats. Information security of the protected object is considered as a dynamic system. Security threats to the protected object are used as the security system parameters most qualitatively and fully describing its behavior. The number of threats considered determines the dimension of the security state space. Based on the dynamic properties of changes in information security threats, the space region of the security system possible position at the moments of subsequent measurements of its state (a comprehensive security audit) is predicted. The corrected state of the information security system is considered to be the intersection of the area of subsequent measurement of the state of the system (integrated security audit) with the previously predicted area of the parameter space. Such a way to increase the accuracy of determining the state of a dynamic system in the space of its parameters can be called dynamic recurrent correction method. It is possible to use this method if the comprehensive security audit frequency is significantly higher than the frequency of monitoring changes in the dynamics of specific threats to information security. In addition, the data of the audit results and the errors of their receipt must be statistically independent with the results of monitoring changes in the dynamics of specific threats to information security. Improving the accuracy of the state of information security assessment in the space of the parameters of its threats can be used for various applications, including clarification of the communication channels characteristics, increasing the availability and efficiency of the telecommunications network, if it is an object of protection.

2020-03-09
Nadir, Ibrahim, Ahmad, Zafeer, Mahmood, Haroon, Asadullah Shah, Ghalib, Shahzad, Farrukh, Umair, Muhammad, Khan, Hassam, Gulzar, Usman.  2019.  An Auditing Framework for Vulnerability Analysis of IoT System. 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). :39–47.
Introduction of IoT is a big step towards the convergence of physical and virtual world as everyday objects are connected to the internet nowadays. But due to its diversity and resource constraint nature, the security of these devices in the real world has become a major challenge. Although a number of security frameworks have been suggested to ensure the security of IoT devices, frameworks for auditing this security are rare. We propose an open-source framework to audit the security of IoT devices covering hardware, firmware and communication vulnerabilities. Using existing open-source tools, we formulate a modular approach towards the implementation of the proposed framework. Standout features in the suggested framework are its modular design, extensibility, scalability, tools integration and primarily autonomous nature. The principal focus of the framework is to automate the process of auditing. The paper further mentions some tools that can be incorporated in different modules of the framework. Finally, we validate the feasibility of our framework by auditing an IoT device using proposed toolchain.
Patil, Jagruti M., Chaudhari, Sangita S..  2019.  Efficient Privacy Preserving and Dynamic Public Auditing for Storage Cloud. 2019 International Conference on Nascent Technologies in Engineering (ICNTE). :1–6.
In recent years, cloud computing has gained lots of importance and is being used in almost all applications in terms of various services. One of the most widely used service is storage as a service. Even though the stored data can be accessed from anytime and at any place, security of such data remains a prime concern of storage server as well as data owner. It may possible that the stored data can be altered or deleted. Therefore, it is essential to verify the correctness of data (auditing) and an agent termed as Third Party Auditor (TPA) can be utilised to do so. Existing auditing approaches have their own strengths and weakness. Hence, it is essential to propose auditing scheme which eliminates limitations of existing auditing mechanisms. Here we are proposing public auditing scheme which supports data dynamics as well as preserves privacy. Data owner, TPA, and cloud server are integral part of any auditing mechanism. Data in the form of various blocks are encoded, hashed, concatenated and then signature is calculated on it. This scheme also supports data dynamics in terms of addition, modification and deletion of data. TPA reads encoded data from cloud server and perform hashing, merging and signature calculation for checking correctness of data. In this paper, we have proposed efficient privacy preserving and dynamic public auditing by utilizing Merkle Hash Tree (MHT) for indexing of encoded data. It allows updating of data dynamically while preserving data integrity. It supports data dynamics operations like insert, modify and deletion. Several users can request for storage correctness simultaneously and it will be efficiently handled in the proposed scheme. It also minimizes the communication and computing cost. The proposed auditing scheme is experimented and results are evaluated considering various block size and file size parameters.
Zakaria, Khairun Nisyak, Zainal, Anazida, Othman, Siti Hajar, Kassim, Mohamad Nizam.  2019.  Feature Extraction and Selection Method of Cyber-Attack and Threat Profiling in Cybersecurity Audit. 2019 International Conference on Cybersecurity (ICoCSec). :1–6.
Public sector and private organizations began using cybersecurity control in order to defend their assets against cybercriminals attack. Cybersecurity audits assist organizations to deal with cyber threats, cybercriminals, and cyber-attacks thatare growing in an aggressive cyber landscape. However, cyber-attacks and threats become more increase and complex in complicated cyber landscapes challenge auditors to perform an effective cybersecurity audit. This current situation puts in evidens ce the critical need for a new approach in the cybersecurity audit execution. This study reviews an alternative method in the execution of cybersecurity security checks. The analysis is on the character and behavioral of cyber-attacks and threats using feature extraction and selection method to get crucial elements from the common group of cyber-attacks and threats. Cyber-attacks and threats profile are systematic approaches driven by a clear understanding of the form of cyber-attacks and threats character and behavior patterns in cybersecurity requirements. As a result, this study proposes cyber-attacks and threats profiling for cybersecurity audit as a set of control elements that are harmonized with audit components that drive audits based on cyber threats.
Flores, Denys A., Jhumka, Arshad.  2019.  Hybrid Logical Clocks for Database Forensics: Filling the Gap between Chain of Custody and Database Auditing. 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :224–231.
Database audit records are important for investigating suspicious actions against transactional databases. Their admissibility as digital evidence depends on satisfying Chain of Custody (CoC) properties during their generation, collection and preservation in order to prevent their modification, guarantee action accountability, and allow third-party verification. However, their production has relied on auditing capabilities provided by commercial database systems which may not be effective if malicious users (or insiders) misuse their privileges to disable audit controls, and compromise their admissibility. Hence, in this paper, we propose a forensically-aware distributed database architecture that implements CoC properties as functional requirements to produce admissible audit records. The novelty of our proposal is the use of hybrid logical clocks, which compared with a previous centralised vector-clock architecture, has evident advantages as it (i) allows for more accurate provenance and causality tracking of insider actions, (ii) is more scalable in terms of system size, and (iii) although latency is higher (as expected in distributed environments), 70 per cent of user transactions are executed within acceptable latency intervals.
Babu, T. Kishore, Guruprakash, C. D..  2019.  A Systematic Review of the Third Party Auditing in Cloud Security: Security Analysis, Computation Overhead and Performance Evaluation. 2019 3rd International Conference on Computing Methodologies and Communication (ICCMC). :86–91.
Cloud storage offers a considerable efficiency and security to the user's data and provide high flexibility to the user. The hackers make attempt of several attacks to steal the data that increase the concern of data security in cloud. The Third Party Auditing (TPA) method is introduced to check the data integrity. There are several TPA methods developed to improve the privacy and efficiency of the data integrity checking method. Various methods involved in TPA, have been analyzed in this review in terms of function, security and overall performance. Merkel Hash Tree (MHT) method provides efficiency and security in checking the integrity of data. The computational overhead of the proof verify is also analyzed in this review. The communication cost of the most TPA methods observed as low and there is a need of improvement in security of the public auditing.
PONGSRISOMCHAI, Sutthinee, Ngamsuriyaroj, Sudsanguan.  2019.  Automated IT Audit of Windows Server Access Control. 2019 21st International Conference on Advanced Communication Technology (ICACT). :539–544.

To protect sensitive information of an organization, we need to have proper access controls since several data breach incidents were happened because of broken access controls. Normally, the IT auditing process would be used to identify security weaknesses and should be able to detect any potential access control violations in advance. However, most auditing processes are done manually and not performed consistently since lots of resources are required; thus, the auditing is performed for quality assurance purposes only. This paper proposes an automated process to audit the access controls on the Windows server operating system. We define the audit checklist and use the controls defined in ISO/IEC 27002:2013 as a guideline for identifying audit objectives. In addition, an automated audit tool is developed for checking security controls against defined security policies. The results of auditing are the list of automatically generated passed and failed policies. If the auditing is done consistently and automatically, the intrusion incidents could be detected earlier and essential damages could be prevented. Eventually, it would help increase the reliability of the system.

Lv, Jixian, Wang, Yi, Liu, Jinze.  2019.  A Security Problem in Cloud Auditing Protocols. 2019 International Conference on Machine Learning, Big Data and Business Intelligence (MLBDBI). :43–46.
In 2013, subversion attack comes to publity again by Mikhail Bellare, who was inspired by PRISM. In this work, we implement this kind of attack on cloud auditing protocols. We show that through subversion attacks, the cloud server can recover the secret information stored by the data owner. Especially, First, we set a general frame of data auditing protocols. This model forms a basic security model of auditing protocols. Then we give a security model of attacker. Finally, we put forward some popular auditing protocols which can be subverted.
Majumdar, Suryadipta, Tabiban, Azadeh, Mohammady, Meisam, Oqaily, Alaa, Jarraya, Yosr, Pourzandi, Makan, Wang, Lingyu, Debbabi, Mourad.  2019.  Multi-Level Proactive Security Auditing for Clouds. 2019 IEEE Conference on Dependable and Secure Computing (DSC). :1–8.
Runtime cloud security auditing plays a vital role in mitigating security concerns in a cloud. However, there currently does not exist a comprehensive solution that can protect a cloud tenant against the threats rendered from the multiple levels (e.g., user, virtual, and physical) of the cloud design. Furthermore, most of the existing solutions suffer from slow response time and require significant manual efforts. Therefore, a simple integration of the existing solutions for different levels is not a practical solution. In this paper, we propose a multilevel proactive security auditing system, which overcomes all the above-mentioned limitations. To this end, our main idea is to automatically build a predictive model based on the dependency relationships between cloud events, proactively verify the security policies related to different levels of a cloud by leveraging this model, and finally enforce those policies on the cloud based on the verification results. Our experiments using both synthetic and real data show the practicality and effectiveness of this solution (e.g., responding in a few milliseconds to verify each level of the cloud).
Sun, Zhiqing, Li, Yan, Zhang, Weiyan.  2019.  Research on the Development Trend and Auditing Mode of High Security Enterprise Intranet Security Audit. 2019 IEEE 11th International Conference on Advanced Infocomm Technology (ICAIT). :153–156.
Security auditing is an effective means of safety supervision and risk self-identification. It is also a hot issue in the research of major enterprises and institutions. The existing standard norms cannot effectively guide the internal audit of the enterprise intranet, “how to review” and “review” What is not easy to grasp. This paper analyzes the status quo, problems and development trends of security audit, and proposes a behavior-based security audit mode, which can effectively discover the non-compliance behavior of intranet users, and can provide reference for peers through practice.
2020-01-20
Zhu, Yan, Zhang, Yi, Wang, Jing, Song, Weijing, Chu, Cheng-Chung, Liu, Guowei.  2019.  From Data-Driven to Intelligent-Driven: Technology Evolution of Network Security in Big Data Era. 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC). 2:103–109.

With the advent of the big data era, information systems have exhibited some new features, including boundary obfuscation, system virtualization, unstructured and diversification of data types, and low coupling among function and data. These features not only lead to a big difference between big data technology (DT) and information technology (IT), but also promote the upgrading and evolution of network security technology. In response to these changes, in this paper we compare the characteristics between IT era and DT era, and then propose four DT security principles: privacy, integrity, traceability, and controllability, as well as active and dynamic defense strategy based on "propagation prediction, audit prediction, dynamic management and control". We further discuss the security challenges faced by DT and the corresponding assurance strategies. On this basis, the big data security technologies can be divided into four levels: elimination, continuation, improvement, and innovation. These technologies are analyzed, combed and explained according to six categories: access control, identification and authentication, data encryption, data privacy, intrusion prevention, security audit and disaster recovery. The results will support the evolution of security technologies in the DT era, the construction of big data platforms, the designation of security assurance strategies, and security technology choices suitable for big data.

2019-07-01
Shinde, P., Karve, A., Mandaliya, P., Patil, S..  2018.  Wireless Security Audit Penetration Test Using Raspberry Pi. 2018 International Conference on Smart City and Emerging Technology (ICSCET). :1-4.

With the advancement in the wireless technology there are more and more devices connected over WiFi network. Security is one of the major concerns about WiFi other than performance, range, usability, etc. WiFi Auditor is a collection of WiFi testing tools and services packed together inside Raspberry Pi 3 module. The WiFi auditor allows the penetration tester to conduct WiFi attacks and reconnaissance on the selected client or on the complete network. WiFi auditor is portable and stealth hence allowing the attacker to simulate the attacks without anyone noticing them. WiFi auditor provides services such as deliberate jamming, blocking or interference with authorized wireless communications which can be done to the whole network or just a particular node.

Li, D., Zhang, Z., Liao, W., Xu, Z..  2018.  KLRA: A Kernel Level Resource Auditing Tool For IoT Operating System Security. 2018 IEEE/ACM Symposium on Edge Computing (SEC). :427-432.

Nowadays, the rapid development of the Internet of Things facilitates human life and work, while it also brings great security risks to the society due to the frequent occurrence of various security issues. IoT device has the characteristics of large-scale deployment and single responsibility application, which makes it easy to cause a chain reaction and results in widespread privacy leakage and system security problems when the software vulnerability is identified. It is difficult to guarantee that there is no security hole in the IoT operating system which is usually designed for MCU and has no kernel mode. An alternative solution is to identify the security issues in the first time when the system is hijacked and suspend the suspicious task before it causes irreparable damage. This paper proposes KLRA (A Kernel Level Resource Auditing Tool) for IoT Operating System Security This tool collects the resource-sensitive events in the kernel and audit the the resource consumption pattern of the system at the same time. KLRA can take fine-grained events measure with low cost and report the relevant security warning in the first time when the behavior of the system is abnormal compared with daily operations for the real responsibility of this device. KLRA enables the IoT operating system for MCU to generate the security early warning and thereby provides a self-adaptive heuristic security mechanism for the entire IoT system.

Modi, F. M., Desai, M. R., Soni, D. R..  2018.  A Third Party Audit Mechanism for Cloud Based Storage Using File Versioning and Change Tracking Mechanism. 2018 International Conference on Inventive Research in Computing Applications (ICIRCA). :521-523.

Cloud storage is an exclusive resource in cloud computing, which helps to store and share the data on cloud storage server. Clients upload the data and its hash information n server together on cloud storage. The file owner always concern about data security like privacy and unauthorized access to third party. The owner also wants to ensure the integrity data during communication process. To ensure integrity, we propose a framework based on third party auditor which checks the integrity and correctness of data during audit process. Our aim is to design custom hash for the file which is not only justifies the integrity but also version information about file.

Ha\c silo\u glu, A., Bali, A..  2018.  Central Audit Logging Mechanism in Personal Data Web Services. 2018 6th International Symposium on Digital Forensic and Security (ISDFS). :1-3.

Personal data have been compiled and harnessed by a great number of establishments to execute their legal activities. Establishments are legally bound to maintain the confidentiality and security of personal data. Hence it is a requirement to provide access logs for the personal information. Depending on the needs and capacity, personal data can be opened to the users via platforms such as file system, database and web service. Web service platform is a popular alternative since it is autonomous and can isolate the data source from the user. In this paper, the way to log personal data accessed via web service method has been discussed. As an alternative to classical method in which logs were recorded and saved by client applications, a different mechanism of forming a central audit log with API manager has been investigated. By forging a model policy to exemplify central logging method, its advantages and disadvantages have been explored. It has been concluded in the end that this model could be employed in centrally recording audit logs.

Rasin, A., Wagner, J., Heart, K., Grier, J..  2018.  Establishing Independent Audit Mechanisms for Database Management Systems. 2018 IEEE International Symposium on Technologies for Homeland Security (HST). :1-7.

The pervasive use of databases for the storage of critical and sensitive information in many organizations has led to an increase in the rate at which databases are exploited in computer crimes. While there are several techniques and tools available for database forensic analysis, such tools usually assume an apriori database preparation, such as relying on tamper-detection software to already be in place and the use of detailed logging. Further, such tools are built-in and thus can be compromised or corrupted along with the database itself. In practice, investigators need forensic and security audit tools that work on poorlyconfigured systems and make no assumptions about the extent of damage or malicious hacking in a database.In this paper, we present our database forensics methods, which are capable of examining database content from a storage (disk or RAM) image without using any log or file system metadata. We describe how these methods can be used to detect security breaches in an untrusted environment where the security threat arose from a privileged user (or someone who has obtained such privileges). Finally, we argue that a comprehensive and independent audit framework is necessary in order to detect and counteract threats in an environment where the security breach originates from an administrator (either at database or operating system level).