The AuditManager (AM) is a service in the area of secure identity and access management. It is a service and provides an audit function for various specialized applications.
The AM is based on the implementation of the CeSECore core. Authorization checks are performed using ID tokens and X.509 certificates. Information for creating an audit entry can be supplied by the specialist applications via REST interface.
The Audit Manager has a number of administrative functions. These include in particular the creation of module specific storage areas, the assignment of authorizations via SSL client authentication or ID tokens, the assignment of log backends to storage areas, the management of additional log providers, integrity protection both in the and the configuration. As well as search, verification and export of audit logs.
Operations are provided using HTTP GET/POST methods. Access to the Audit Manager interfaces is token based. For this purpose, a signed token is created by the IdP, which contains the corresponding user information that can be used to check access authorization to the Policy Manager interfaces. The required peripheral systems are a CeSECore core, a DBMS, an AuditManagerProxy and a PolicyManagerService.