Incorporating policy-based authorization framework in audit rule ontology for continuous process auditing in complex distributed systems

Abstract

Complex distributed information systems that run their activities in the form of processes require continuous auditing of a process that invokes the action(s) specified in the policies and rules in a continuous manner. A shared vocabulary, or common ontology, used to define the processes, and the audit rule ontology for processes or modules are integrated to form a hybrid ontology that supports the acquisition and evolution of ontologies. A methodology to construct a Common Ontology and an audit rule ontology by coupling to an expert system for Continuous Process Auditing (CPA) has been introduced recently. In this paper, we present a policy-based authorization methodology incorporating Audit Rule Ontology for CPA within distributed audit rule ontology. We also propose the use of probabilistic risk determination and evaluation of risk level, along with access history heuristics that define the adaptable access control policies before making policy decisions.

Cite

Subhani, N., & Kent, R. (2014). Incorporating policy-based authorization framework in audit rule ontology for continuous process auditing in complex distributed systems. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8842, pp. 367–376). Springer Verlag. https://doi.org/10.1007/978-3-662-45550-0_37
