Auditing Authorization Decisions
Abstract
The auditing of authorization decisions is facilitated by integrating or coupling an audit policy to access control decisions. In an example implementation, an audit policy of an auditing scheme is coupled to a semantic framework of an access control scheme such that the audit policy is specified using at least a portion of the semantic framework. In another example implementation, audit policy rules include audit content rules that specify what audit information from any of the inputs, the outputs, or the internal data of authorization decisions is to be included in an audit record. In yet another example implementation, a semantic of an audit trigger rule comports with a semantic framework of an access request and of a logical evaluation for an authorization decision.
20 Claims
1. A system implementing a security authorization paradigm comprising an access control scheme and an auditing scheme;
- wherein the access control scheme includes a semantic framework comprising assertions and authorization queries; and
- wherein the auditing scheme includes an audit policy that is coupled to the semantic framework of the access control scheme such that the audit policy is specified using at least a portion of the semantic framework.
Dependent claims: 2, 3, 4, 5, 6
7. A device implementing an auditing scheme that is integrated with an access control scheme, the access control scheme making authorization decisions in response to access requests for resources, the authorization decisions including inputs, outputs, and internal data;
- wherein the auditing scheme includes an audit policy that comprises audit policy rules, the audit policy rules including audit content rules that specify what audit information from any of the inputs, the outputs, or the internal data is to be included in an audit record.
Dependent claims: 8, 9, 10, 11, 12, 13, 14
15. A method comprising:
- specifying at least one audit trigger rule that indicates when an audit record is to be generated;
- receiving an access request targeting a particular resource;
- performing, in response to the access request, a logical evaluation of an authorization query in conjunction with an assertion context to make an authorization decision about the particular resource;
- detecting if the at least one audit trigger rule matches the access request or the logical evaluation; and
- if the at least one audit trigger rule is detected to match, generating an audit record;
- wherein a semantic of the at least one audit trigger rule comports with a semantic framework of the access request including the particular resource and the logical evaluation including both the authorization query and the assertion context.
Dependent claims: 16, 17, 18, 19, 20
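The following is an added example, not code from the patent or its assignee, modelling claims 7 and 15 in Python: assertions and authorization queries form the access control scheme, and the audit policy is written in the same vocabulary (subject, action, resource, plus the decision outcome), so a trigger rule matches either the access request or the result of the logical evaluation, and a content rule selects which of the inputs, outputs, or internal data go into the audit record. The Assertion and AuditTriggerRule types, the trusted-issuer check, the trailing-`*` prefix wildcard, the three content categories, and all sample assertions and requests are assumptions constructed for the example.

```python
"""Added example: audit policy coupled to an assertion-based authorization engine.

All names, the wildcard syntax, and the sample data are constructed for
illustration; none of it comes from the patent text.
"""
from dataclasses import dataclass, asdict
from typing import Any, Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Assertion:
    """Issuer says that subject may perform action on resource."""
    issuer: str
    subject: str
    action: str
    resource: str  # exact name, or a prefix ending in '*' (assumed syntax)


@dataclass(frozen=True)
class AuthorizationQuery:
    subject: str
    action: str
    resource: str


@dataclass
class Decision:
    query: AuthorizationQuery   # input of the authorization decision
    granted: bool               # output of the authorization decision
    matched: List[Assertion]    # internal data: assertions that satisfied the query


TRUSTED_ISSUERS = frozenset({"SecurityAdmin"})  # assumed trust root for assertions


def resource_matches(pattern: str, resource: str) -> bool:
    """Exact match, or prefix match when the pattern ends in '*'."""
    if pattern.endswith("*"):
        return resource.startswith(pattern[:-1])
    return pattern == resource


def evaluate(query: AuthorizationQuery, context: Tuple[Assertion, ...]) -> Decision:
    """Logical evaluation of an authorization query against an assertion context."""
    matched = [a for a in context
               if a.issuer in TRUSTED_ISSUERS
               and a.subject == query.subject
               and a.action == query.action
               and resource_matches(a.resource, query.resource)]
    return Decision(query, bool(matched), matched)


@dataclass(frozen=True)
class AuditTriggerRule:
    """Audit policy rule in the same vocabulary as AuthorizationQuery ('*' = any)."""
    subject: str = "*"
    action: str = "*"
    resource: str = "*"
    outcome: Optional[bool] = None                     # None: fire on grant or deny
    content: Tuple[str, ...] = ("inputs", "outputs")   # audit content rule


def trigger_matches(rule: AuditTriggerRule, decision: Decision) -> bool:
    """Match against the access request (subject/action/resource) or the evaluation outcome."""
    q = decision.query
    return (rule.subject in ("*", q.subject)
            and rule.action in ("*", q.action)
            and resource_matches(rule.resource, q.resource)
            and (rule.outcome is None or rule.outcome == decision.granted))


def build_record(rule: AuditTriggerRule, decision: Decision,
                 context: Tuple[Assertion, ...]) -> Dict[str, Any]:
    """Apply the content rule: copy only the selected inputs/outputs/internal data."""
    record: Dict[str, Any] = {"trigger": asdict(rule)}
    if "inputs" in rule.content:
        record["request"] = asdict(decision.query)
        record["assertion_context_size"] = len(context)
    if "outputs" in rule.content:
        record["granted"] = decision.granted
    if "internal" in rule.content:
        record["matched_assertions"] = [(a.issuer, a.subject, a.action, a.resource)
                                        for a in decision.matched]
    return record


def authorize_and_audit(query, context, audit_policy):
    """Make the authorization decision, then emit one audit record per matching trigger rule."""
    decision = evaluate(query, context)
    records = [build_record(r, decision, context)
               for r in audit_policy if trigger_matches(r, decision)]
    return decision, records


# Constructed sample assertion context and audit policy (not from the patent).
ASSERTIONS = (
    Assertion("SecurityAdmin", "alice", "read", "finance/*"),
    Assertion("SecurityAdmin", "bob", "read", "public/handbook.pdf"),
    Assertion("Intern", "bob", "read", "finance/ledger.xlsx"),  # untrusted issuer: ignored
)
AUDIT_POLICY = (
    AuditTriggerRule(outcome=False),                                  # every denial
    AuditTriggerRule(resource="finance/*", content=("inputs", "outputs", "internal")),
)


def run_demo():
    """Return (granted, audit_records) for three constructed access requests."""
    queries = [
        AuthorizationQuery("alice", "read", "finance/ledger.xlsx"),
        AuthorizationQuery("bob", "read", "finance/ledger.xlsx"),
        AuthorizationQuery("bob", "read", "public/handbook.pdf"),
    ]
    return [(d.granted, recs) for d, recs in
            (authorize_and_audit(q, ASSERTIONS, AUDIT_POLICY) for q in queries)]


if __name__ == "__main__":
    for granted, records in run_demo():
        print(granted, records)
```

Because the trigger rule and the query share one vocabulary, the second request (bob reading a finance file) is denied and produces two records: the denial rule captures only the request and outcome, while the finance rule also captures the internal data, showing that no trusted assertion matched. The third request matches no trigger rule and leaves no record, which is the point of coupling the audit policy to the decision rather than logging everything.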
Specification