×

Logging access system events

  • US 9,038,170 B2
  • Filed: 02/26/2001
  • Issued: 05/19/2015
  • Est. Priority Date: 07/10/2000
  • Status: Active Grant
First Claim
Patent Images

1. A method for logging access system events, comprising:

  • detecting an access system event which includes accessing a resource and access information;

    testing whether access to the resource is authorized based on the access information without granting authorization to the resource, wherein the testing includes accessing an authorization rule for the resource and accessing an identity profile for a first user to determine whether at least a portion of the authorization rule is satisfied based on information in the identity profile;

    reporting whether access to the resource is authorized based on the testing by;

    creating in an audit log a log entry for said access system event which includes an indication of whether access to the resource is authorized based on the testing,storing the authorization rule for the resource and used during said testing in said log entry, andstoring information from the identity profile for the first user in said log entry, the information from the identity profile stored in the log entry comprising one or more attributes of the identity profile for the first user, the attributes identified by an audit rule associated with the resource;

    monitoring the audit log with an audit log sensor for events associated with at least one of one or more event types associated with the access system event;

    accessing instructions for an event type associated with the access system event, wherein the instructions specify that a value of one or more attributes of the attributes in the identity profile is to be added to the audit log entry;

    accessing the identity profile for the user in response to the instructions;

    adding the value of one or more attributes of the plurality of attributes in the identity profile of the user to the audit log entry in accordance with the instructions; and

    storing the audit log entry including the one or more attribute values in an application server.

View all claims
  • 5 Assignments
Timeline View
Assignment View
    ×
    ×