Audit Log
The Audit Log is a trust component that provides granular auditability for system logs with immutable proofs, enhancing security and log authenticity throughout the FOSPS lifecycle.
Purpose
Audit Log ensures:
- Immutability: Logs cannot be altered after creation
- Non-repudiation: Actions cannot be denied
- Compliance: Regulatory audit requirements met
- Security: Tamper detection and alerting
Technology
Blockchain Backend
- Guardtime KSI (Keyless Signature Infrastructure)
- Hash registration in blockchain ledger
- Timestamping service
Log Management
- Rsyslog integration
- Structured logging format
- Secure transmission
Logged Activities
All platform activities including:
- User authentication (Keycloak)
- Resource access (FHIR Server)
- Focusing executions
- Preprocessor invocations
- Connector data retrievals
- Administrative actions
- Configuration changes
Log Structure
Each log entry contains:
- Timestamp: Precise time
- Actor: User or system component
- Action: What was performed
- Resource: Target of action
- Result: Success or failure
- Context: Additional metadata
- Hash: Blockchain-registered proof
Immutability Mechanism
- Log entry created
- Hash calculated
- Hash registered in blockchain
- Entry sealed (cannot be modified)
- Verification always possible
Access Control
Audit logs are:
- Read-only after creation
- Accessible to administrators
- Exportable for compliance
- Queryable via secure APIs
Integration
Used by:
- Security monitoring systems
- Metrics Manager dashboards
- Compliance reporting tools
- CTF verification
Related Concepts
- CTF - Trust framework
- Provenance - Resource traceability
- Keycloak - Authentication logging
- FOSPS - Platform architecture
- Metrics - Monitoring system