Auditing security

Auditing is a core business service (see OpenEdge Core Business Services) that can affect broad areas of an OpenEdge application defined by various classes of events, including database, internal system, and application events. Auditing security controls access to auditing policies and all the auditing data generated and contained within an audit-enabled OpenEdge database. It controls who can set auditing policies and who can access the auditing data generated from those policies, and how they can access that data.

Several mechanisms contribute to auditing security in the following OpenEdge components:

ABL — Elements of the language that support user authentication and authorization of auditing and database access privileges. For more information on user authentication and authorization in ABL, see Core user authentication and authorization.

OpenEdge SQL — Elements of the language that support user authentication and authorization of auditing and database access privileges. For more information on user authentication and authorization in SQL, see Core user authentication and authorization.

OpenEdge RDBMS — Authentication and authorization of users to access auditing data through various database administration and auditing tools. Also, the sealing of audit data against tampering.

Auditing security affects both application development and administration. For more information on OpenEdge auditing security, see Part III, Auditing.