Visible to the public Central Audit Logging Mechanism in Personal Data Web Services

TitleCentral Audit Logging Mechanism in Personal Data Web Services
Publication TypeConference Paper
Year of Publication2018
AuthorsHa\c silo\u glu, A., Bali, A.
Conference Name2018 6th International Symposium on Digital Forensic and Security (ISDFS)
Keywordsaccess logs, API, API Policy, application program interfaces, Audit Logging, auditing, central audit logging mechanism, data source, Databases, Human Behavior, human factors, Internet, Law, personal data, personal data Web services, personal information, pubcrawl, resilience, Resiliency, Routing, Scalability, Security Audits, security of data, Servers, Simple object access protocol, Web Service, Web service platform, web services
Abstract

Personal data have been compiled and harnessed by a great number of establishments to execute their legal activities. Establishments are legally bound to maintain the confidentiality and security of personal data. Hence it is a requirement to provide access logs for the personal information. Depending on the needs and capacity, personal data can be opened to the users via platforms such as file system, database and web service. Web service platform is a popular alternative since it is autonomous and can isolate the data source from the user. In this paper, the way to log personal data accessed via web service method has been discussed. As an alternative to classical method in which logs were recorded and saved by client applications, a different mechanism of forming a central audit log with API manager has been investigated. By forging a model policy to exemplify central logging method, its advantages and disadvantages have been explored. It has been concluded in the end that this model could be employed in centrally recording audit logs.

URLhttps://ieeexplore.ieee.org/document/8355333
DOI10.1109/ISDFS.2018.8355333
Citation Keyhasiloglu_central_2018