Auditing is the action of producing a trail of secure, nonrepudiable events that transpired during the execution of a business process, in order to detect whether the process has been followed or changed, or whether the process data has been corrupted. Thus, where authentication and authorization manage which application users and components can access what features and data, auditing provides a history of application and data events that can be used to validate that all audited users and components, and their actions, were both anticipated and legal in the context of the application and its environment.
For example, if an otherwise valid user manages to exploit a security hole in an application to access forbidden features and data, auditing can record the user, the accessed data, and even the exact procedures, functions, and specific actions in the application that were executed to access the data.
Auditing relies on other basic security services to achieve its end, which is to capture application and data events in a way that cannot be altered after the fact. Even attempts to make such changes to auditing data can themselves be securely audited. Auditing is considered a basic component of application security because its results must be verifiable and unalterable. Thus, it is auditing that provides the means to ensure the nonrepudiation of internal data transactions and other application events, such as the receipt of messages. The assurance that audit data cannot be changed provides the means to verify the parties that have been involved in audited events.
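The property described above, a trail whose records can be verified but not silently altered, is what a hash-chained, keyed audit log provides. The following Python example is added here to illustrate that idea; it is not OpenEdge code and does not model the OpenEdge auditing service. Each record carries an HMAC over its own content plus the MAC of the previous record, so changing or reordering any stored record breaks the chain from that point on, and a request to rewrite audit data is refused and recorded as an audit event in its own right. The key, event names, and sample records are all constructed for the example.

```python
import hashlib
import hmac
import json
from typing import Optional

# Constructed key for the example. In practice the audit key lives outside
# the audited application (HSM, key store), so the application cannot forge MACs.
AUDIT_KEY = b"example-audit-key-not-for-production"
GENESIS_MAC = "0" * 64   # prev_mac value used by the first record


def _canonical(record: dict) -> bytes:
    """Serialize a record deterministically so the MAC is reproducible."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


class AuditTrail:
    """Append-only audit log; every record is chained to its predecessor."""

    def __init__(self, key: bytes = AUDIT_KEY):
        self._key = key
        self._records: list[dict] = []

    def append(self, user: str, event: str, target: str,
               detail: Optional[dict] = None) -> dict:
        prev_mac = self._records[-1]["mac"] if self._records else GENESIS_MAC
        body = {
            "seq": len(self._records),
            "user": user,
            "event": event,
            "target": target,
            "detail": detail or {},
            "prev_mac": prev_mac,
        }
        mac = hmac.new(self._key, _canonical(body), hashlib.sha256).hexdigest()
        record = dict(body, mac=mac)
        self._records.append(record)
        return record

    def request_change(self, user: str, seq: int, changes: dict) -> dict:
        # Audit records are never rewritten; the attempt itself becomes an event.
        return self.append(user, "audit.change_refused", f"audit/{seq}",
                           {"requested": changes})

    def records(self) -> list[dict]:
        return self._records

    def verify(self) -> Optional[int]:
        """Return the sequence number of the first bad record, or None if intact."""
        prev_mac = GENESIS_MAC
        for i, rec in enumerate(self._records):
            body = {k: v for k, v in rec.items() if k != "mac"}
            # Detect reordering, insertion, or a broken link to the predecessor.
            if body["seq"] != i or body["prev_mac"] != prev_mac:
                return i
            expected = hmac.new(self._key, _canonical(body),
                                hashlib.sha256).hexdigest()
            # Detect any edit to the record content (constant-time compare).
            if not hmac.compare_digest(expected, rec["mac"]):
                return i
            prev_mac = rec["mac"]
        return None


def demo() -> dict:
    """Build a small trail, log a refused edit, then tamper directly and detect it."""
    trail = AuditTrail()
    trail.append("alice", "login", "app")
    trail.append("alice", "read", "customer/42", {"fields": ["name", "credit_limit"]})
    trail.append("alice", "update", "customer/42", {"credit_limit": [1000, 5000]})
    intact = trail.verify()                       # None: chain is consistent
    # An attempt to alter audit data through the API is refused and recorded.
    trail.request_change("mallory", seq=2, changes={"user": "bob"})
    attempt_event = trail.records()[-1]["event"]
    # Direct tampering with stored data (bypassing the API) breaks the chain.
    trail.records()[2]["user"] = "bob"
    first_bad = trail.verify()                    # 2: the edited record
    return {"intact": intact, "attempt_event": attempt_event, "first_bad": first_bad}


if __name__ == "__main__":
    print(demo())
```

The chain detects edits, reordering and insertions, but not truncation of the newest records, because a shortened chain still verifies; deployments close that gap by periodically anchoring the latest MAC somewhere the application cannot write (a separate audit database, a write-once store, or a signed checkpoint), which is the "other basic security services" dependency the passage refers to.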
The entire auditing capability is a complex one that, like security itself, involves a broad range of OpenEdge features and components. As such, it encompasses an entire core business service in OpenEdge.