View Issue Details

IDProjectCategoryView StatusLast Update
000223410000-002: Securitypublic2012-11-02 16:28
ReporterPaul Hunkar Assigned ToPaul Hunkar  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Fixed in Version1.02 
Summary0002234: Audit records should be restricted to administrators
Description

From NIST security review the following suggestion has been made. The OPC UA standard describes a robust auditing capability, but it should also describe that access to the audit information should be restricted from a security point of view, since it may contain sensitive information

TagsNo tags attached.
Commit Version
Fix Due Date

Activities

Paul Hunkar

2012-10-25 05:19

developer   ~0004180

Added text to indicate that audit records should be restricted

Jim Luth

2012-11-02 16:28

administrator   ~0004193

Reviewed and agreed to changes in 2012-10-30 telecon.

Issue History

Date Modified Username Field Change
2012-10-23 15:51 Paul Hunkar New Issue
2012-10-23 18:29 Jim Luth Status new => assigned
2012-10-23 18:29 Jim Luth Assigned To => Paul Hunkar
2012-10-25 05:19 Paul Hunkar Status assigned => resolved
2012-10-25 05:19 Paul Hunkar Fixed in Version => 1.02
2012-10-25 05:19 Paul Hunkar Resolution open => fixed
2012-10-25 05:19 Paul Hunkar Note Added: 0004180
2012-11-02 16:28 Jim Luth Status resolved => closed
2012-11-02 16:28 Jim Luth Note Added: 0004193