Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »

Securing audit trails and making them available for the Get Audit Trails functionality
There are a number of approches to secure audit trails and make them available.

  1. Individual and independent ensurance of audit trails by the individual pillars and clients
  2. Individual ensurance of audit trails via common Audit trails SLA
  3. Audit trail service pulls audit trails and doing the ensurance via Audit trails SLA

Individual and independent ensurance of audit trails by the individual pillars and clients

This must include functionality to provide audit trails to Get Audit Trails function, if requested.

Benefits
  • Their can be different levels of securing the audit trals for dfifferent Clients and Pillars
Disadvantages
  • All clients and pillars must be available in order to get a full audit trail.

Individual ensurance of audit trails via common Audit trails SLA

The Get Audit Trails function can access the data via the Audit trails SLA.

Benefits
Disadvantages
  • There may be issues on the format which the data is stored in, since a media migration can result in changes to a lot of FileID audit trails, i.e. it can be storage consuming to store it in the required form.

Audit trails service pulls audit trails and does the ensurance via Audit trails SLA

Asks the pillars and other clients for audit trails to secure audit trails from pillars and other clients.

Benefits
Disadvantages
  • Delayed view of audit trail, because audit trail must be pulled before it can be delivered

The Get Audit Trail Client collects audit trails from different parts of the bit repository, i.e. audit trails information from pillars, clients, bus, alarms. These audit trails must therefore be secured either on individual initiative or by a dedicated client. The approach described here is that audit trails are ensured by letting pillars and clients secure copies on other pillars according to a Log-SLA. Especially the integrity client is important here.

An alternative could be to introduce Log-client secures the log, either by requesting log-updates from pillars and clients  or the pillars and clients request log-updates on the log-client.But the recommendation here is that Pillars and clients secure their own logs.

  • No labels