Wikia

The IT Law Wiki

Audit trail

31,933pages on
this wiki
Talk0

Definitions Edit

Computer security Edit

An audit trail (also audit log) is

[a] [c]hronological record of system activities to enable the reconstruction and examination of the sequence of events and/or changes in an event. For example, an audit trail might be a record of all actions taken on a particularly sensitive file or a record of all users who viewed that file.[1]
[a] record showing who has accessed an Information Technology (IT) system and what operations the user has performed during a given period.[2]
the results of monitoring each operation of subjects on objects; for example, an audit trail might be a record of all actions taken on a particularly sensitive file or a record of all users who viewed that file.[3]
[the] [p]rocess for recording (logging) a sequence of activities on a system; such as user log-ins and log-outs. More expansive audit trails would record each user’s activity in detail — what commands were issued to the systems, what records and files were accessed or modified, etc. Audit trails are a fundamental part of computer security, used to trace (albeit usually retrospectively) unauthorized users and uses. They can also be used to assist with information recovery in the event of a system failure.[4]

Criminal law Edit

An audit trail is

[t]he use of audit procedures (e.g., tracking who is accessing the data or what data was accessed) combined with analysis of audit logs and follow-up for unauthorized or anomalous activity is essential for long-term system security and privacy.[5]

E-commerce Edit

In electronic commerce a good audit trail can help resolve programming errors and discrepancies in the how a transaction is recorded by the parties to the transaction.

Overview (Computer security) Edit

Audit trails are a fundamental part of computer security, used to trace (albeit usually retrospectively) unauthorized users and uses. They can also be used to assist with information recovery in the event of a system failure.[6]

"Audit trails may be used as either a support for regular system operations, or as a kind of insurance policy, or as both of these. As insurance, audit trails are maintained but are not used unless needed, such as after a system outage. As a support for operations, audit trails are used to help system administrators ensure that the system or resources have not been harmed by hackers, insiders, or technical problems."[7]

Electronic audit trails must provide a chain of custody for the secure electronic transaction that identifies sending location, sending entity, date and time stamp of receipt, and other measures used to ensure the integrity of the document. These audit trails must be sufficiently complete and reliable to validate the integrity of the transaction and to prove, a) that the connection between the sender and the recipient has not been tampered with, and b) how the document was controlled upon receipt.[8]

References Edit

  1. CNSSI 4009, at 4.
  2. NIST Special Publication 800-47, at D-1.
  3. Cryptography’s Role in Securing the Information Society, App. B, Glossary, at 354.
  4. U.S. Department of Justice, Guide to Conducting Privacy Impact Assessments for State, Local, and Tribal Information Sharing Initiatives, at 31.
  5. Criminal Intelligence Glossary (Nov. 2004).
  6. Privacy and Civil Liberties Policy Development Guide and Implementation Templates, App. E, Glossary.
  7. Mobile Security Reference Architecture (document), at 86.
  8. OMB, Procedures and Guidance; Implementation of the Government Paperwork Elimination Act, 65 Fed. Reg. 25508-21 (May 2, 2000) (full-text).

See also Edit

Around Wikia's network

Random Wiki