Enabling shared audit data

Enabling shared audit data

Audit is an important aspect of good security and business practice; however, current solutions are not supportive of electronic data and processes. This paper describes an audit service that both acts as a central place for logging from heterogeneous IT systems and a place to search and check the a...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:International journal of information security 2005-10, Vol.4 (4), p.263-276
Hauptverfasser: Baldwin, Adrian, Shiu, Simon
Format: Artikel
Sprache:eng
Schlagworte:
Audit trails
Information sharing
Information systems
Manufacturing
Network security
Studies
Third party
Trust
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Audit is an important aspect of good security and business practice; however, current solutions are not supportive of electronic data and processes. This paper describes an audit service that both acts as a central place for logging from heterogeneous IT systems and a place to search and check the audit data. Notarisation structures enabling a user to check the integrity of audit records and subsets of the audit chain relating to their transactions have been developed. The audit system uses a secure hardware device to create an alternative trust domain in which to run processes, maintaining the integrity of the audit trail whilst allowing it to be tightly integration and co-located with the overall IT infrastructure. [PUBLICATION ABSTRACT]
ISSN:1615-5262
1615-5270
DOI:10.1007/s10207-004-0061-9