Distributed Audit Services

In distributed systems, security-relevant activity is not isolated within individual components but spans many components. Indeed, the very purpose of a distributed system is to enable the end-users of the system to utilise the resources of components throughout the system and not just those of their local workstation. An unauthorized user may mount an attack via multiple entry points to the distributed system; such intrusions are not necessarily focused through a single point of entry.

Within a distributed system it is therefore necessary to monitor activity across and between components, but this is made difficult by the current component-specific approaches. It is not easy to compare activity across system components when the events monitored and the record formats may be different. It is especially difficult to do this in a timely manner to detect and respond to intrusion attempts.

The Open Group is developing an industry-wide specification for global auditing, the XDAS. This service is intended to complement existing component-specific audit services, not to replace them.

Introduction to XDAS

Functional Requirements for XDAS

Audit Event Services
Audit Service Management
Audit Event Management
Audit Log Management
Audit Log Retrieval

Security Requirements for XDAS

Distributed System Requirements for XDAS
Non-functional Requirements for XDAS
Out of Scope


