Audit Interceptor
Classification Key
: Core Security, Repudiation
Problem
A security audit allows auditors to reconcile actions or events that have taken place in the application with the policies that govern those actions. The audit logs have to be checked periodically to ensure that the actions that users have taken are in accordance with the actions allowed by the user’s privileges. The most important part is to record an audit trail and making sure that the audit trail helps proper auditing of appropriate events and user actions associated. Deviations must be identified from the audit reports and corrective actions have to be taken so that the deviations do not recur, either through code fixes or policy changes.
How can you make an auditing framework to easily support additions or changes to the auditing events?
Solution
Intercept business tier requests and responses. Create audit events based on the information in the request response pair using declarative mechanisms defined externally to the application. The declarative approach is crucial to maintainability of the application. This makes it easy to keep up with the changed corporate policies.
Known Uses
Audit interceptor with a JMS store to store audit information.
Source
Sun Book
Tags
Audit
|