User Identification

User Identification Overview

Some database applications are designed to use or share a small number of database user accounts. These applications manage their users independently of the database management system, which means that when observing database traffic from outside of the application, it can be difficult to determine the application user who is controlling a database connection at any given point in time. However, when questionable database activities occur, you need to relate specific actions to specific individuals, rather than to an account shared by groups of individuals. In other words, you must know the application user, not just the database user.

Guardium provides several methods to identify application users, when the actual database user is not apparent from the database traffic:

Within the enterprise, it may be necessary to employ several methods to identify users, depending on the applications used.