Field of the Invention
The present invention generally relates to data security, and more specifically, relates to a system and method that audit information regarding data access.
Description of the Related Art
Nowadays, in any commercial and business setting, an action from an end-user at any workstation in a system with many subsystems may trigger innumerable data transactions throughout sub-systems. For example, a person can sit in front of his home computer, visit a website and purchase a product. This purchasing act will cause many actions to happen in one or more systems, for example, the information regarding the person may be recorded, the payment information may be recorded, the information about the product may be retrieved and displayed to the person, and the purchase information may be stored.
The information about these actions may be recorded by the front-end website host but the real users and actions are not associated with the back-end data transactions where data changes are made. Therefore, for a system accessed by thousands people each day, the retrieved information about a database access or communication between two sub-systems cannot be readily associated with the person who caused the actions to happen, nor for the business operations triggering data transactions. Thus, making it difficult to audit meaningful business transactions.
Therefore, there is a need for a system and method that audits transactions and records transactions associated with real users and business operations, and it is to this system the present invention is primarily directed to.