Applied Oracle Security: Developing Secure Database and Middleware Environments- P53:Computer security is a field of study that continues to undergo significant changes at an extremely fast pace. As a result of research combined with increases in computing capacity, computer security has reached what many consider to be “early adulthood.” From advances in encryption and encryption devices to identity management and enterprise auditing, the computer security field is as vast and complex as it is sophisticated and powerful | 494 Part IV Applied Security for Oracle APEX and Oracle Business Intelligence Note that the new row in the audit trail was issued by the database user ANONYMOUS which typically means it s coming from APEX using the Embedded PL SQL Gateway. Also note that APEX sets CLIENT_ID to the APEX User and APEX Session ID number that is captured in the audit trail. You might wonder why I included SCN System Change Number as a column in this example. My goal was to hint at a powerful concept that is a bit beyond the scope of this chapter and that is to combine FGA with the Oracle database Flashback feature and new in 11g Flashback Data Archive. Flashback is designed to retain historical data for short periods say a week or less which provides DBAs many more options for data recovery. Flashback is also a great compliment to FGA in that it allows you to put your session back in time. Since the audit trail provides both the SCN and the query we could put our session back to that time and run the same query to see exactly what data was displayed in a security breach. Flashback Data Archive extends this concept as it is designed to retain data for much longer periods measured in months or years. The following code is a quick example of how the code is used for this scenario exec 6009443 select from employees where 1 1 FGA Example 3 One parameter of we haven t explored yet is HANDLER_MODULE. While this parameter is not directly related to APEX the functionality it provides is significant enough to deserve an example. HANDLER_MODULE is designed to be able to send alerts when an audit event occurs. Without the ability to send alerts a security administrator needs to review the audit logs on a regular basis to detect suspicious events. HANDLER_MODULE allows you to define a PL SQL procedure that is called every time an audit event occurs. The PL SQL procedure must conform to the following signature procedure_name .