Lecture Notes in Computer Science 
Publisher: Springer-Verlag Heidelberg 
ISSN: 0302-9743 
Subject:  Computer Science 
Volume 2851 / 2003 
Title:  Information Security 
ISBN: 3-540-20176-9
DOI: 10.1007/b13477
Chapter: pp. 14 - 28 
Online Date: December 2003  
Enabling Shared Audit Data
Adrian Baldwin and Simon Shiu

Audit is recognised as an important aspect of good security and business
practice however, current solutions are not supportive of electronic data
and processes. This paper describes an audit service that both acts as a
central place for logging from heterogeneous IT systems and a place to
search and check the audit data. Notarisation structures are proposed that
demonstrate the integrity of the audit records and allow users to check the
validity and integrity of subsets of the overall audit chain. The audit
system is based upon secure hardware allowing audit systems to be tightly
integrated into the overall IT infrastructure whilst remaining in an
alternative virtual trust domain.