Title of invention: CENTRALIZED TRANSACTIONAL SECURITY AUDIT FOR ENTERPRISE SYSTEMS
Abstract: This invention provides a method to achieve centralized security auditing for an authentication, authorization and access control system. At the transaction entry point, a transaction ID is created and associated with an audit-request and an audit-response object. The entry point can be in a firewall (401), IDS (402), proxy server (403), web server (404) or application server (405). The implementation can be in hardware or software. As the request is passed downstream, a logging event occurring at any desired audit point is added to the audit-request object on the downstream path or to the audit-response object on the upstream path. The accumulated logging event data is then output to a persistent storage device (203) at the central location, which can be anywhere between the entry point and the end point of the transaction. This request-response based transactional auditing method is then applied to an Identity Management System in order to provide centralized secure audit for authentication, authorization, access control and single sign-on, multi-domain and multi-tiered server systems. Those multi-tiered enterprise systems can include a firewall (401), IDS (402), proxy server (403), web server (404), application server (405), Web Services (414), MQ server (406) and mainframe server (407). This audit method can also be applied to passing requests over a system that needs to redirect the requests over multiple external networks such as the Internet.
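Publication number: WO2005069823(A3)  Publication date: 2005.09.29
Application number: WO2005US01098  Filing date: 2005.01.11
Applicant: SONG, JUN  Inventor: SONG, JUN
Classification number: G06F11/30  Main classification number: G06F11/30
Agency:  Agent:
Main claim:
Address: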