: Core Security, Repudiation
A security audit allows auditors to reconcile the actions or events that have taken place in the application with the policies that govern those actions. The audit logs have to be checked periodically to ensure that the actions users have taken are in accordance with the actions allowed by their privileges. The most important part is to record an audit trail and to make sure that it supports proper auditing of the appropriate events and the associated user actions. Deviations must be identified from the audit reports, and corrective actions have to be taken, through either code fixes or policy changes, so that the deviations do not recur.
How can you build an auditing framework that easily supports additions or changes to the auditing events?
Intercept business tier requests and responses. Create audit events based on the information in the request-response pair, using declarative mechanisms defined externally to the application. The declarative approach is crucial to the maintainability of the application, because it makes it easy to keep up with changes in corporate policies.
Audit interceptor with a JMS store that holds the audit information.
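The following Python example is added here and is not from the pattern catalog. It wraps a hypothetical `AccountService` in an interceptor that builds audit events from a policy held as data; the policy contents, the service, and the in-memory list standing in for an audit store (such as the JMS store named above) are all assumptions.

```python
import json
from datetime import datetime, timezone

# Constructed policy; in a deployment this JSON is a file kept outside the code.
AUDIT_POLICY = json.loads("""{
  "transfer":    {"event": "FUNDS_TRANSFER", "on": ["success", "failure"],
                  "record": ["from_acct", "to_acct", "amount"]},
  "get_balance": {"event": "BALANCE_READ", "on": ["failure"], "record": ["acct"]}
}""")

class AccountService:
    """Hypothetical business-tier object; it contains no audit code."""
    def __init__(self):
        self.balances = {"A": 100, "B": 0}
    def get_balance(self, acct):
        return self.balances[acct]
    def transfer(self, from_acct, to_acct, amount, pin):
        if amount <= 0 or amount > self.balances[from_acct]:
            raise ValueError("invalid amount")
        self.balances[from_acct] -= amount
        self.balances[to_acct] += amount
        return "ok"

class AuditInterceptor:
    """Wraps a business object and emits audit events as the policy directs."""
    def __init__(self, target, policy, store, user):
        self._target, self._policy, self._store, self._user = target, policy, store, user
    def __getattr__(self, name):
        method, rule = getattr(self._target, name), self._policy.get(name)
        if rule is None:
            return method                      # operation is not audited
        def intercepted(**request):            # keyword args only, so fields have names
            try:
                response = method(**request)
            except Exception as exc:
                self._emit(rule, "failure", request, type(exc).__name__)
                raise
            self._emit(rule, "success", request, None)
            return response
        return intercepted
    def _emit(self, rule, outcome, request, error):
        if outcome in rule["on"]:
            self._store.append({
                "time": datetime.now(timezone.utc).isoformat(), "user": self._user,
                "event": rule["event"], "outcome": outcome, "error": error,
                # Copy only the fields the policy names, so secrets in the
                # request (the PIN here) never reach the audit trail.
                "details": {k: request.get(k) for k in rule["record"]},
            })
```

Wrap the service as `AuditInterceptor(AccountService(), AUDIT_POLICY, store, user="alice")` and call its methods with keyword arguments. Auditing successful balance reads as well is then a one-word change to the policy, with no change to the service or the interceptor.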
Last modified: May 05, 2012
and Maintained by: Munawar Hafiz