Chapter 9. Audit Logging

Overview

Audit records are a critical but often poorly understood and executed feature of information systems. Effective auditing for a substantive oversight regime requires a great measure of thoughtfulness and planning at the outset, and various considerations must be addressed in engineering and architectural decisions to help provide a sound audit framework. When properly designed and implemented, audit records can help systems administrators, data stewards, and institutions more confidently provide for accountability, trust, and reduced risk and liability.

Why Are Audit Records Important?

Earlier, we noted that application-level security involves two key aspects: access control and oversight. We then discussed how restrictions imposed through access controls and data-revelation techniques enforce necessary requirements for a privacy-friendly system but are not sufficient by themselves. This is because as long as access controls allow access to any sensitive data, there are ways in which that access can be abused. Beyond access controls and selective data-exposure techniques, organizations need infrastructure for effective oversight, which allows for careful observation of how the system is used. Only through active monitoring and oversight of the system can the risks posed by legitimate access be managed and mitigated.

Auditability is critical not just for internal verification purposes but also for asserting accountability ...
