11-2 Oracle Fusion Middleware Application Security Guide ■ Operational activities like starting and stopping applications, upgrades, and backups This allows compliance officers to perform periodic reviews of compliance policies. Monitoring The audit data naturally provides a rich set of data for monitoring purpose. In addition to any log data and component metrics that are exposed, audit data can be used to create dashboards and to build Key Performance Indicators KPIs for alerts to monitor the health of the various systems on an ongoing basis. Analytics Audit data can also be used in assessing the efficacy of controls through analysis on the audit data. The data can also be used for risk analysis. Based on historical data, a risk score can be calculated and assigned to any user. Any runtime evaluation of user access can include the various risk scores as additional criteria to protect access to the systems.

11.1.2 Today’s Audit Challenges

To satisfy the audit requirements, IT organizations often battle with the deficiencies in audit support for their deployed applications. There is no reliable standard for: ■ Audit Record Generation ■ Audit Record Format and Storage ■ Audit Policy Definition As a result, todays audit solutions suffer from a number of key drawbacks: ■ There is no centralized audit framework. ■ The quality of audit support is inconsistent from application to application. ■ Audit data is scattered across the enterprise. ■ Complex data correlation is required before any meaningful cross-component analysis can be conducted. ■ Audit policies and their configurations are also scattered. These factors are costing IT organization considerable amount of time and resources to build and maintain any reasonable audit solutions. With the data scattered among individual silos, and the lack of consistency and centralization, the audit solutions also tend to be fragile with idiosyncrasies among applications from different vendors with their current audit capabilities.

11.1.3 Oracle Fusion Middleware Audit Framework in 11g

Oracle Fusion Middleware Audit Framework is a new service in11g Release 1 11.1.1, designed to provide a centralized audit framework for the middleware family of products. The framework provides audit service for the following: ■ Middleware Platform - This includes Java components such as Oracle Platform Security Services OPSS and Oracle Web Services. These are components that are leveraged by applications deployed in the middleware. Indirectly, all the deployed applications leveraging these Java components will benefit from the audit framework auditing events that are happening at the platform level.