Tjeneste for logging av systemhendelser, herunder sending og mottak av meldinger. Slik logging kan danne grunnlag for sporing av kilder og syblighet i hvem som har aksessert data.
|
|
| ID | ABB58 |
| dct:publisher | |
| dct:modified | |
| eira:status | [ Exists | Development planned ] |
| eira:reusability | [ Excellent (90-100%) | Very good (70-89,9%) | Fair (50-74,9%) | Poor (0-49,9%) ] |
| eira:actual_use | [ Currently used | Used planned | No ] |
| difi:namespace | eira |
| difi:name_no | Logging |
| difi:description_no | Tjeneste for logging av systemhendelser, herunder sending og mottak av meldinger. Slik logging kan danne grunnlag for sporing av kilder og syblighet i hvem som har aksessert data. |
| difi:name_en | Audit Service [ns:eira] |
| difi:description_en | DESCRIPTION:
Shares the audit functionality of providing support for the principle of accountability, which is holding users of a system accountable for their actions within the system, and detection of policy violations. The audit policy defines the elements of an information system which need to be traced, for example to assure traceability of actions: what, how, when, where and with what.
Based on The Open Group
http://www.opengroup.org/security/das/xdas_int.htm
INTEROPERABILITY SALIENCY:
The Audit Service ABB is salient for technical interoperability because it defines the elements of an information system which need to be traced, for example to assure traceability of user actions as stated in the EIF: "Public administrations should ensure that a 'data access and authorisation plan’ which determines who has access to what data and under what conditions, to ensure privacy. Unauthorised access and security breaches should be monitored and appropriate actions should be taken to prevent any recurrence of breaches"
EXAMPLES:
The following implementation is an example on how this specific Architecture Building Block (ABB) can be instantiated as a Solution Building Block (SBB):
OpenIAM audit service
OpenIAM Auditing Service ensures that detailed information about events and activities associated with identities or resources are logged into a centralized repository and be tracked. It offers the following features:
• Sign-on, Sign-off
• User: create, update, delete or disable accounts
• Role: create, update, delete or disable accounts
• Resource: create, update, delete or disable accounts
• Password changes, resets, challenge response questions changes
• Synchronization events
• Reconciliation events
Several reporting templates are provided for a BIRT report writer for use in an Eclipse designer. Organizations can also generate their own reports in BIRT with SQL.
https://www.openiam.com/products/identity-manager/features/audit-compliance/
|
| difi:language | no |
| label | ${name} |
| dct:type | archi:application-service |