This page lays out the considerations and activities surrounding the Fedora 4 Audit Service.
Actions
- Define required Audit Service queries
- Perform comparative analysis of PROV-O vs. PREMIS-RDF
- Define repository events that should be recorded by the Audit Service
- Define event agents that should be supported by the Audit Service
- Define capability of the Audit Service REST-API
Unresolved Questions
The following questions need to be resolved by the next audit service meeting (to be scheduled between March 4-6). In each case, a default answer has been provided in case there is insufficient community input in the allotted time. The default answers are highlighted in green.
Should there be support for adding external events to the Audit Service?
- If yes, what restrictions, if any, should be enforced on this capability? (e.g. only when migrating from Fedora3? only by administrators?)
- If yes, what should the import format be?
Answer | Submitted by |
---|---|
Yes. By default, no restrictions will be enforced. | David Wilcox |
For event tracking, where is the user principal expected to come from?
Answer | Submitted by |
---|---|
Fedora will use servlet-request#getUserPrincipal to get the principal. This means that applications will need to pass user principals to Fedora in order for them to be recognized by the audit service. | David Wilcox |
How will user principals be mapped to persistent user identifiers?
This is related to the previous question, and need not be resolved as quickly as the other questions.
Answer | Submitted by |
---|---|
Proposed Requirements