COMPLEX EVENT PROCESSING FOR SENSOR BASED DATA AUDITING

Christian Lettner, Christian Hawel, Thomas Steinmaurer, Dirk Draheim

Abstract

Current legislation demands organizations to responsibly manage sensitive data. To achieve compliance, data auditing must be implemented in information systems. In this paper we propose a data auditing architecture that creates data audit reports out of simple audit events at the technical level. We use complex event processing (CEP) technology to obtain composed audit events out of simple audit events. In two scenarios we show how complex audit events can be built for business processes and application users, when one database user is shared between many application users, as found in multi-tier architectures.

References

  1. Agrawal, R., Bayardo, R., Faloutsos, C., Kiernan, J., Srikant, R., 2004. Auditing Compliance with a Hippocratic Database, in Proceedings of the 20th VLDB Conference, Toronto, Canada.
  2. Agrawal, R., Evfimievski, A., Velu, R., 2007. Auditing Disclosure by Relevance Ranking, SIGMOD'07, June 12-14, 2007, Beijing, China.
  3. Chen, S., Jeng, J., Chang, H., 2006. Complex Event Processing using Simple Rule-based Event Correlation Engines for Business Performance Management, in Proceedings of the 8th IEEE International Conference on E-Commerce Technology and the 3rd IEEE International Conference on Enterprise Computing, E-Commerce, and E-Services (CEC/EEE'06), San Francisco, CA, USA.
  4. Esper, 2007. http://esper.codehaus.org/index.html.
  5. Johnson, C., Agrawal, R., 2006. Intersections of Law and Technology in Balancing Privacy Rights with Free Information Flow, 4th IASTED International Conference on Law and Technology, Oct. 2006, Cambridge, MA, USA.
  6. Lee, W., Fan, W., 2001. Mining System Audit Data: Opportunities and Challenges, in SIGMOD Record, Vol. 30, No. 4.
  7. Luckham, D., 2005. The Power of Events, AddisonWesley, Boston.
  8. Mangisengi, O., Pichler, M., Auer, D., Draheim, D., Rumetshofer, H., 2007. Active warehouse: data management for business activity monitoring, in Proceedings of the 9th International conference on Enterprise Information Systems (ICEIS 2007), Funchal, Madeira, Portugal.
  9. Motwani, R., Nabar, S., Thomas, D., 2007. Auditing a Batch of SQL Queries, in Proceedings of the 21th International Conference on Data Engineering (ICDE), Istanbul, Turkey.
  10. Natan, R., 2005. Implementing Database Security and Auditing, Elsevier Digital Press, Burlington, MA, USA.
Download


Paper Citation


in Harvard Style

Lettner C., Hawel C., Steinmaurer T. and Draheim D. (2008). COMPLEX EVENT PROCESSING FOR SENSOR BASED DATA AUDITING . In Proceedings of the Tenth International Conference on Enterprise Information Systems - Volume 1: ICEIS, ISBN 978-989-8111-36-4, pages 485-491. DOI: 10.5220/0001707004850491


in Bibtex Style

@conference{iceis08,
author={Christian Lettner and Christian Hawel and Thomas Steinmaurer and Dirk Draheim},
title={COMPLEX EVENT PROCESSING FOR SENSOR BASED DATA AUDITING},
booktitle={Proceedings of the Tenth International Conference on Enterprise Information Systems - Volume 1: ICEIS,},
year={2008},
pages={485-491},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001707004850491},
isbn={978-989-8111-36-4},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Tenth International Conference on Enterprise Information Systems - Volume 1: ICEIS,
TI - COMPLEX EVENT PROCESSING FOR SENSOR BASED DATA AUDITING
SN - 978-989-8111-36-4
AU - Lettner C.
AU - Hawel C.
AU - Steinmaurer T.
AU - Draheim D.
PY - 2008
SP - 485
EP - 491
DO - 10.5220/0001707004850491