Secure Req 14

From IDESG Wiki

SECURE-14. SECURITY LOGS

Entities conducting digital identity management functions MUST log their transactions and security events, in a manner that supports system audits and, where necessary, security investigations and regulatory requirements. Timestamp synchronization and detail of logs MUST be appropriate to the level of risk associated with the environment and transactions.

SUPPLEMENTAL GUIDANCE

Transactions and events associated with systems that support identity management functions must be time-stamped and logged. Where necessary, additional information related to the events (such as the source of an authentication assertion) must also be logged with the data needed to support audits.

Selection of logging and timestamping standards, processes, and procedures should be consistent with the processes outlined in SECURE-1 (SECURITY PRACTICES).

Audit records and logs must be protected consistent with SECURE-2 (DATA INTEGRITY).

REFERENCES

As an example: HIPAA Security Regulations regarding development and maintenance of logging procedures and records: 45 CFR Part 164, § 164.308(a)(1)(ii)(D), § 164.408(c): http://www.ecfr.gov/cgi-bin/text-idx?node=pt45.1.164&rgn=div5

APPLIES TO ACTIVITIES

REGISTRATION, CREDENTIALING, AUTHENTICATION, AUTHORIZATION, INTERMEDIATION

KEYWORDS

AUDIT, LOGS, PROCESS, SECURITY


