In distributed systems security relevant activity is not isolated within individual components but spans many components. Indeed, the very purpose of a distributed system is to enable the end-users of the system to utilise the resources of components throughout the system and not just those of their local workstation. An unauthorized user may mount an attack via multiple entry points to the distributed system - such intrusions are not necessarily focused through a single point of entry.
Within a distributed system it is therefore necessary to monitor activity across and between components, but this is made difficult by the current component-specific approaches. It is not easy to compare activity across system components when the events monitored and the record formats may be different. It is especially difficult to do this in a timely manner to detect and respond to intrusion attempts.
The Open Group is developing an industry-wide specification for global auditing, the XDAS. This service is intended to be a complement to existing system component specific audit services, and would not replace them.
Functional Requirements for XDAS
Security Requirements for XDAS
Return to Security Introductory page