WOBURN, Mass. -- Sentrigo, Inc., an innovator in database security software, today announced Hedgehog IDentifier, a new module designed for Hedgehog Enterprise customers. Based on patent-pending technology, Hedgehog IDentifier allows security professionals and auditors to identify the individual application users who perform actions in the database in pooled-connection environments. The software takes the end-user ID and context information transparently from application servers and injects that information into the database connection, making Hedgehog IDentifier the only product of its type that is entirely accurate.
The most commonly used n-tier architectures sever the link between database actions and end-users due to the use of pooled connections between the application and the database. For example, once users sign in to applications such as financials or CRM, application servers present users to the database in aggregate, effectively sharing database connections for individuals actions. This approach precludes audits from tracing changes in the database back to specific users and makes it difficult to enforce security policies that assign privileges to people, not applications.
A recent Gartner report states: Application monitoring is complicated by the use of connection pooling in multitier architectures. Connection pooling implements a common connection between the application server and the DBMS, which is used by the application server for all requests to the DBMS. From the DBMS perspective, all database access appears to be from a single service account. Fraud detection requires analysis with user context.