Secure Req 14: Difference between revisions
m (8 revisions imported: Initial Upload of old pages from IDESG Wiki) |
(No difference)
|
Latest revision as of 04:03, 28 June 2018
<< Back to Baseline Functional Requirements Index
SECURE-14. SECURITY LOGS
Entities conducting digital identity management functions MUST log their transactions and security events, in a manner that supports system audits and, where necessary, security investigations and regulatory requirements. Timestamp synchronization and detail of logs MUST be appropriate to the level of risk associated with the environment and transactions.
SUPPLEMENTAL GUIDANCE
Transactions and events associated with systems that support identity management functions must be time-stamped and logged. Where necessary additional information related to the events also must be logged (such as the source of an authentication assertion) with the data needed to support audits.
Selection of logging and timestamping standards, processes, and procedures should be consistent with the processes outlined in SECURE-1 (SECURITY PRACTICES).
Audit records and logs must be protected consistent with SECURE-2 (DATA INTEGRITY).
REFERENCES
As an example: HIPAA Security Regulations regarding development and maintenance of logging procedures and records: 45 CFR Part 164, § 164.308(a)(1)(ii)(D), § 164.408(c): http://www.ecfr.gov/cgi-bin/text-idx?node=pt45.1.164&rgn=div5
APPLIES TO ACTIVITIES
REGISTRATION, CREDENTIALING, AUTHENTICATION, AUTHORIZATION, INTERMEDIATION
KEYWORDS
AUDIT, LOGS, PROCESS, SECURITY
Quick Links: SALS | Baseline Functional Requirements v1.0 | Glossary |