Agents can keep track of and log all user activity during a session. Although much of a user’s activity is logged by the Policy Server, there are times when it may be necessary to log authorizations done out of agent cache. Agents call the audit() method to log such requests for resources.
By generating a unique transaction id, agents can correlate access control activity with application activity. The transaction id can be given to both the authorization and auditing methods so that the Policy Server would record the transaction-specific id associated with the application activity. This can be used for non-repudiation.
Copyright © 2014 CA.
All rights reserved.
|
|