Difference between revisions of "Audit trail"
Shawndouglas (talk | contribs) (Created article stub.) |
Shawndouglas (talk | contribs) (Updated article stub.) |
||
Line 1: | Line 1: | ||
An '''audit trail''' is a security-relevant chronological record, set of records, or destination and source of records that provide documentary evidence of the sequence of activities that have affected at any time a specific operation, procedure, or event.<ref>{{cite web |url=http://www.cnss.gov/Assets/pdf/cnssi_4009.pdf |title=National Information Assurance (IA) Glossary |publisher=Committee on National Security Systems |pages=4 |date=7 August 1996 |accessdate=07 March 2012 |format=PDF}}</ref><ref>{{cite web |url=http://www.atis.org/glossary/definition.aspx?id=5572 |title=ATIS Telecom Glossary 2012 - audit trail |publisher=ATIS Committee PRQC |date=2012 |accessdate=07 March 2012}}</ref> It may be composed of manual or computerized records of events and information, or both. | |||
An audit trail includes an unambiguous record of events — either individually, or in blocks of temporally connected changes — associated with an individual user (or if changes are created automatically by the system, this must be indicated) and the date and time the change occurred (e.g., by the use of a time zone or reference to GMT). The process that creates an audit trail often run in privileged mode so it can access and supervise all actions from all users and disallow normal users from accessing the audit trail. Another way of handling this issue is through the use of a role-based security model in the software.<ref>{{cite book |title=Insider computer fraud: an in-depth framework for detecting and defending against insider IT attacks |author=Brancik, Kenneth C. |chapter=Chapter 2: Related Research in Insider Computer Fraud and Information Security Controls |year=2007 |pages=18–19 |publisher=CRC Press |url=http://books.google.com/books?id=lsDngU-RUywC |isbn=1420046594}}</ref> | |||
==References== | |||
<references /> |
Revision as of 18:50, 7 March 2012
An audit trail is a security-relevant chronological record, set of records, or destination and source of records that provide documentary evidence of the sequence of activities that have affected at any time a specific operation, procedure, or event.[1][2] It may be composed of manual or computerized records of events and information, or both.
An audit trail includes an unambiguous record of events — either individually, or in blocks of temporally connected changes — associated with an individual user (or if changes are created automatically by the system, this must be indicated) and the date and time the change occurred (e.g., by the use of a time zone or reference to GMT). The process that creates an audit trail often run in privileged mode so it can access and supervise all actions from all users and disallow normal users from accessing the audit trail. Another way of handling this issue is through the use of a role-based security model in the software.[3]
References
- ↑ "National Information Assurance (IA) Glossary" (PDF). Committee on National Security Systems. 7 August 1996. pp. 4. http://www.cnss.gov/Assets/pdf/cnssi_4009.pdf. Retrieved 07 March 2012.
- ↑ "ATIS Telecom Glossary 2012 - audit trail". ATIS Committee PRQC. 2012. http://www.atis.org/glossary/definition.aspx?id=5572. Retrieved 07 March 2012.
- ↑ Brancik, Kenneth C. (2007). "Chapter 2: Related Research in Insider Computer Fraud and Information Security Controls". Insider computer fraud: an in-depth framework for detecting and defending against insider IT attacks. CRC Press. pp. 18–19. ISBN 1420046594. http://books.google.com/books?id=lsDngU-RUywC.