Differences

This shows you the differences between two versions of the page.

--- en:dev:modules:auditing [2017/03/10 22:36] – angelegt admin
+++ en:dev:modules:auditing [2018/07/29 10:16] (current) – ==== User stories ==== nerdoc
@@ Line 1: / Line 1: @@
-{{tag>module}}
 ====== Auditing module ======
----- dataentry modules ----
+Dependencies: [[en:dev:modules:core]]
-description: /* Keeps a track of all database access actions */
-author: /* not yet written */
-/* email_mail:  Author email address */
-depends_pages: core /* comma separated list of modules that this module depends on */
-conflicts_pages: /* comma separated (lowercase) list of modules that can't be installed together with this module */
-----
 ===== Description =====
-=== Purpose of the module ===
+Keeps a track of all database access actions (especially of the users').
-This modules exposes an API for other modules to explicitely log database and other actions. It hooks transparently into all database access functions and logs the access: user, timestamp, target (which object/column, etc), action (CRUD).
-=== Responsibilities ===
+This modules exposes an API for other modules to explicitly keep an
+audit trail of database access and other actions. It hooks transparently
+into all of the client's database access requests and logs the following
+data: user, timestamp, target (which object/column, etc), action (CRUD).
-=== Structure ===
+This access audit trail should be cryptographically signed if possible.
+The logging must be done on the server side to prevent tampering from the client. A client side audit API IMHO is not necessary.
+Have a look at [[http://publicdb.gnumed.de/~ncq/gnumed/schema/release/gnumed-entire_schema.html#audit.schema|Gnumed's audit database schema]] for a working possible solution.
+==== User stories ====
 ===== Links =====
@@ Line 22: / Line 21: @@
   * [[en:dev:modules:auditing:spec|Specification]]
   * [[please-include-here-the-link-to-the-API|API]]
+{{tag>module}}