4.6.1.1 Log and review all access management failures and anomalies

From aptrust
Jump to: navigation, search


4.6.1.1 Log and review all access management failures and anomalies
Status Ready for review
Compliance Rating Fully compliant
Responsible



4.6.1.1 -The repository shall log and review all access management failures and anomalies.

Supporting Text

This is necessary in order to identify security threats and access management system failures.

Examples for Meeting the Requirement

Access logs, capability of the system to use automated analysis/monitoring tools and generate problem/error messages; notes of reviews undertaken or action taken as a result of reviews.

Discussion

A repository should have some automated mechanism to note anomalous or unusual denials and use them to identify either security threats or failures in the access management system, such as valid users’ being denied access. This does not mean looking at every denied access.

Evidence Provided

APTrust follows the standard security advice of granting least privilege — that is, granting only the permissions required to perform a task. Otherwise we default to DENY ALL. This means that all access is denied by default and only granted to specific users if absolutely necessary. The types of authorized and unauthorized access as well as security logs and records generated during APTrust operations are explained in Key Management, Security, and Logging.

Compliance Rating

Fully compliant

Status

Ready for review

Relevant Documents

  1. Key Management
  2. Security
  3. Logging