ignored. The following are the types of access control information that are to be logged by the Web application.
9.2.1.2.1 Invalid Access Attempts
Invalid access attempts by a user need to be logged by an application. If a user makes multiple failed access attempts against an application, there is a strong possibility that the user is trying to brute-force the application's authentication system in order to reach its protected resources. Logging this information alerts the application administrators to attempts by the user(s) to forcibly circumvent the authentication system and gain access to the application.
9.2.1.2.2 Password Lockouts, Resets, and Changes
Once the user reaches a certain limit on the number of invalid access attempts, the password lockout feature must be activated, requiring the user to contact the administrator or answer a series of questions relating to user identity before the user account is reactivated. The reactivation procedure is known as a password reset. The application must log password resets and password lockouts as part of an effective logging strategy.
Password changes are implemented by certain Web applications, where the user is required to change the password periodically. Password changes (but not the changed password itself) also need to be logged as part of a comprehensive logging implementation for a Web application, to ensure that all users are in compliance with password change requirements.
9.2.1.2.3 User Creation and Deletion
It is important to log user creation and deletion information, as it has serious security ramifications. For instance, if a malicious administrator creates dummy users in the application and is able to compromise the application, the act must be brought to the notice of the organization, which can be achieved by logging the creation of new users in the system. Some applications also have a system where one or more other users of the application approve the creation of new users. In such cases, the details of the approval also have to be logged to constitute a complete audit trail. In a similar manner, an attacker may delete user accounts in the application, which might cause a great deal of inconvenience to the legitimate users of the application. Logging this detail will provide the organization with information about the deletion as well as other information such as the initiating party, time, date, and so on.
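The following class is an added example, not code from the book, showing how the events listed in 9.2.1.2.1 through 9.2.1.2.3 (and the administrative actions discussed in 9.2.1.3) can be captured in a single audit trail. It is a hypothetical design: the event names, the `MAX_FAILURES` threshold, and the sample user and IP values are assumptions, and a real deployment would write entries to a protected log sink rather than standard output. The point it demonstrates is that every entry names the subject, the initiating party, the time and the outcome, while the password value never becomes a field.

```java
import java.time.Instant;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

/**
 * Hypothetical audit log for the access-control events described in the text.
 * Each entry records who, what, when and the outcome, never the credential itself.
 */
public class AccessAuditLog {

    /** Immutable audit record. A password value is deliberately never a field here. */
    public static final class Entry {
        public final Instant when;
        public final String event;    // e.g. LOGIN_FAILURE, PASSWORD_LOCKOUT
        public final String subject;  // the account the event concerns
        public final String actor;    // who caused it: the user, an admin id, or "system"
        public final String detail;   // free text; must not contain secrets

        Entry(String event, String subject, String actor, String detail) {
            this.when = Instant.now();
            this.event = event;
            this.subject = subject;
            this.actor = actor;
            this.detail = detail;
        }

        @Override
        public String toString() {
            return when + " " + event + " subject=" + subject + " actor=" + actor + " " + detail;
        }
    }

    /** Failed attempts allowed before the lockout event fires (assumed policy value). */
    public static final int MAX_FAILURES = 5;

    private final List<Entry> entries = Collections.synchronizedList(new ArrayList<>());
    private final Map<String, Integer> failures = new ConcurrentHashMap<>();

    private void record(String event, String subject, String actor, String detail) {
        Entry e = new Entry(event, subject, actor, detail);
        entries.add(e);
        System.out.println(e);  // a real deployment would write to a protected log sink
    }

    /** 9.2.1.2.1: every invalid attempt is logged; the count drives the 9.2.1.2.2 lockout. */
    public boolean recordLoginAttempt(String user, String sourceIp, boolean success) {
        if (success) {
            failures.remove(user);
            record("LOGIN_SUCCESS", user, user, "ip=" + sourceIp);
            return false;
        }
        int n = failures.merge(user, 1, Integer::sum);
        record("LOGIN_FAILURE", user, user, "ip=" + sourceIp + " consecutiveFailures=" + n);
        if (n >= MAX_FAILURES) {
            record("PASSWORD_LOCKOUT", user, "system", "threshold=" + MAX_FAILURES);
            return true;  // caller disables the account until a reset occurs
        }
        return false;
    }

    /** 9.2.1.2.2: reset and change are logged as events; the new password is not. */
    public void recordPasswordReset(String user, String adminId) {
        failures.remove(user);
        record("PASSWORD_RESET", user, adminId, "account reactivated");
    }

    public void recordPasswordChange(String user) {
        record("PASSWORD_CHANGE", user, user, "periodic change");
    }

    /** 9.2.1.2.3: creation (with approver, if any) and deletion, always naming the initiator. */
    public void recordUserCreated(String newUser, String creatorId, String approverId) {
        record("USER_CREATED", newUser, creatorId,
               approverId == null ? "approval=none" : "approvedBy=" + approverId);
    }

    public void recordUserDeleted(String user, String actorId) {
        record("USER_DELETED", user, actorId, "");
    }

    /** 9.2.1.3: any other privileged action taken by an administrator. */
    public void recordAdminAction(String adminId, String action, String target) {
        record("ADMIN_ACTION", target, adminId, "action=" + action);
    }

    public List<Entry> entries() {
        return Collections.unmodifiableList(entries);
    }

    public static void main(String[] args) {
        AccessAuditLog log = new AccessAuditLog();
        // Constructed sample input: five failures on "alice" from a documentation-range IP.
        for (int i = 0; i < MAX_FAILURES; i++) {
            log.recordLoginAttempt("alice", "203.0.113.7", false);
        }
        log.recordPasswordReset("alice", "admin-1");
        log.recordPasswordChange("alice");
        log.recordUserCreated("bob", "admin-1", "admin-2");
        log.recordAdminAction("admin-1", "VIEW_USER_ACTIVITY", "bob");
        log.recordUserDeleted("bob", "admin-1");
    }
}
```

Running `main` prints one line per event, ending with the lockout entry after the fifth failure, the reset attributed to `admin-1`, and the creation of `bob` carrying its approver. Keeping the failure counter inside the same component that writes the log means the lockout entry and the failures that caused it always appear together in the trail.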
9.2.1.3 Administrative Actions
Application administrators are considered the custodians of the proverbial "crown jewels" of the organization. They are the individuals who have access to the sensitive actions and privileges in the application. They are usually able to create, modify, or delete users and have access to user activity information and other sensitive information contained within the application. But as the famous saying goes, "Power tends to corrupt, and absolute power corrupts absolutely." Administrators have also been known to compromise the application from the inside, thereby having a more devastating impact on the organization. It is therefore very important for the application to log the entire administrator's activity. This provides a great