uAudit Trail Agent Architecture
u
uStorage of Audit Trail is an issue
«Distributed or Centralized ?
«Possible Solution:
«A Buffered Distributed - Centralized
Architecture
«Amalgamation of audit trail data at the central
server
•Timestamping
issues to ensure correct chronological sequencing of audit trail for analysis – Time sync , which time to
use
•Proper
Categorization of Audit Trail data to facilitate analysis
«Ensuring Tamperproofing of Audit Trail for the
Auditor
•Authentication
of Distributed Sources
•Encryption
•Access Control
•Secure
Transmission
«Audit trail management (Archiving and purging)
uAccess Control to Audit Trail