auditing

Auditing SQL {3}

by Rudy P
This week I will be blogging about the journal entry “Auditing a Batch of SQL Queries” by Rajeev Motwani, Shubha U. Nabar, and Dilys Thomas of Stanford University. This Journal entry talked about ways SQL Queries are audited and how to determine suspicious SQL queries. The Journal makes mention of a command AUDIT, which I had never seen before. They use it an example: read more...

Cloud computing: challenges and methods {Comments Off on Cloud computing: challenges and methods}

by Davina V
As I read this article for class I noticed something surprising when I read the article it mentioned Software as a Service (SAAS), which our teacher mentioned in class, briefly first thing in the article.  With different people using some of the same cloud systems, data auditing is used to identify the integrity of the information. The most common method used Checking on retrieval is mentioned in the article. The only problem with that method is that it is not sufficient to check all the data within a Cloud. So when designing the storage audit protocols there are three performance criteria: Low storage overhead, low communication cost, and low computational complexity. read more...

SQL Knowledge {1}

by Jasmine C
My article was about how auditors can use SQL and also just some basic fundamentals statements that users should know. For auditors, SQL contains all the features that they will ever need to work with a database.  Basic statements allow for auditors to easily gather and process data relevant to their needs and display it in a way that is appropriate for their purpose.  As we all know, the basic statements of SQL are SELECT, INSERT, DELETE, and UPDATE.  The article discusses the need for each of these statements and also provides a few examples of how they are each used.  SELECT is the first statement with the purpose of extracting data.  Within the SELECT statement, you can have specific commands or functions that you will like to use to to manipulate your data.  For example, you can use the ORDER BY command to sort the data, you can use string functions to perform string expressions, and you can also use arithmetic expressions in a SELECT statement.  With the other statements, UPDATE, DELETE and INSERT, their purpose is to modify a database.  The other good thing about this article was that it listed some sites where people could go to learn more about SQL.  Some of the sites will even allow you to run statements and see the results. read more...

SQL In Auditing {3}

by Jorge R
The main topic for my article, provides an overview of the basic SQL commands. It also introduces learning concept and resources for auditors that want to implement SQL. Structured Query Language (SQL) is a method used to retrieve information from databases. The database is composed of tables which have data stored in each cell. This allows the user to change the tables in specific location with ease. My chosen article also explains that,”The American National Standards Institute (ANSI) has published guidelines that have established SQL as the standard language for accessing and manipulating relational database management systems”. Using SQL in the auditing field is a generic essential software, which is used to retrieve and compute the data of clients by  displaying the data in an array of formats. This poses a problem for some auditors with little to no computer background. There are SQL code that is needed to set up and use SQL. In order to help auditors, the website provides a multiple free links (http://sqlcourse.com, http://www. w3schools.com/sql ,http://sqlzoo.net ) to help users familiarize themselves with SQL through an interactive online tutorial and examples. read more...