K2B Audit Security considerations

• The application itself (i.e. the application been audited)
• The audit analysis objects
• The audit management objects

There are no special considerations for deploying the application itself but to be sure it does not accidentally contain audit analysis or management objects that you do not want in it.

Audit analysis objects

Are used to process and query audit data. They do not change audit data but may be used to understand your application data base. They should be deployed to different web application. One having more restrictive access than the application itself. The list of main audit analysis objects follows:

• K2BAuditAnalyzer.UI.Home
• K2BAuditAnalyzer.WWALoad
• K2BAuditAnalyzer.WWAConversion
• K2BAuditAnalyzer.WWAParameter
• K2BAuditAnalyzer.AnalyzeByApplicationDataMain
• K2BAuditAnalyzer.ConfigureApplicationData

Audit management objects

Are critical in terms of security. Having access to them may be used to understand your application data base and to start/stop auditing. They are usually not public. The list of main audit management objects follows:

• All files in K2B Audit SQL scripts directory
  See K2B Audit SQL scripts directory location
• K2BAudit.CreateAuditTriggersWeb web panel
• K2BAudit.CreateAuditTriggersMain procedure
• K2BAudit.CreateAllTriggersMain procedure
• K2BAudit.DropAllTriggersMain procedure
• K2BAudit.CreateAuditMetadataMain procedure
• K2BAudit.WorkWithAuditTriggersMain web panel
• K2BAudit.Reorganization procedure
• K2BAudit.ReorganizeMetadata procedure
• K2BAuditAnalyzer.SerialAuditConversionMain procedure
• K2BAuditAnalyzer.UI.ConvertAuditLog web panel
• K2BAuditAnalyzer.UI.PurgeEarlierThanGivenDate web panel
• K2BAuditAnalyzer.UI.ResetPendingConversions web panel
• K2BAuditAnalyzer.PurgeLastYearAuditQuery procedure