A Framework for E2E Audit Trails in System Architectures of Different Enterprise Classes

Luca Patzelt; Georg Neugebauer; Meik Döll; Sacha Hack; Tim Höner; Marko Schuba

doi:10.5220/0012367000003648

A Framework for E2E Audit Trails in System Architectures of Different Enterprise Classes

Luca Patzelt, Georg Neugebauer, Meik Döll, Sacha Hack, Tim Höner, Marko Schuba

2024

Abstract

In today’s world, there are more and more IT systems that are interconnected to provide services to a wide variety of business classes. Since their services are usually inevitably linked to financial and political interests, the number of attacks aimed at disrupting or profiting from these and the associated systems in various ways is constantly increasing. In this paper we design and implement a framework for the comprehensive auditing of IT systems in system architectures of different enterprise classes. For our solution, we evaluate formal requirements regarding audit trails, provide concepts for the pseudonymisation of audit data, develop software components for E2E audit trails and finally present a secure system architecture based on Kubernetes and Istio in conjunction with the storage components ArangoDB and HashiCorp Vault to achieve an efficient framework for creating E2E audit trails.

Download

Paper Citation

in Harvard Style

Patzelt L., Neugebauer G., Döll M., Hack S., Höner T. and Schuba M. (2024). A Framework for E2E Audit Trails in System Architectures of Different Enterprise Classes. In Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP; ISBN 978-989-758-683-5, SciTePress, pages 750-757. DOI: 10.5220/0012367000003648

in Bibtex Style

@conference{icissp24,
author={Luca Patzelt and Georg Neugebauer and Meik Döll and Sacha Hack and Tim Höner and Marko Schuba},
title={A Framework for E2E Audit Trails in System Architectures of Different Enterprise Classes},
booktitle={Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2024},
pages={750-757},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012367000003648},
isbn={978-989-758-683-5},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 10th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - A Framework for E2E Audit Trails in System Architectures of Different Enterprise Classes
SN - 978-989-758-683-5
AU - Patzelt L.
AU - Neugebauer G.
AU - Döll M.
AU - Hack S.
AU - Höner T.
AU - Schuba M.
PY - 2024
SP - 750
EP - 757
DO - 10.5220/0012367000003648
PB - SciTePress