|
|
|
CA Access Control clears both the kernel and audit caches in the following cases:
CA Access Control clears the entire cache when database information changes. New or modified access rules make an existing cache potentially inaccurate.
CA Access Control clears the entire cache when a time checkpoint affects an authorization result for any event. At the time that a DAYTIME restriction property or a HOLIDAY class record changes, the authorization result may change too and the cache becomes potentially inaccurate.
CA Access Control clears the entire cache when the watchdog identifies that a PROGRAM resource has changed and become un-trusted. An un-trusted program affects the result of an authorization request regarding that program. This makes the cache potentially inaccurate.
CA Access Control clears 10% of cache items (the least recently used items) when the audit cache fills up.
Once the cache is cleared, information from new interception events is needed to refill the cache and let CA Access Control intercept an audit event.
| Copyright © 2012 CA. All rights reserved. |
|