Title

MarkLogic Server must protect against a user falsely repudiating having performed organization-defined actions. (Cat II impact)

Discussion

Non-repudiation of actions taken is required in order to maintain data integrity. Examples of particular actions taken by individuals include creating information, sending a message, approving information (e.g., indicating concurrence or signing a contract), and receiving a message. Non-repudiation protects against later claims by a user of not having created, modified, or deleted a particular data item or collection of data in the database. In designing a database, the organization must define the types of data and the user actions that must be protected from repudiation. The implementation must then include building audit features into the application data tables and configuring the DBMS's audit tools to capture the necessary audit trail. Design and implementation also must ensure that applications pass individual user identification to the DBMS, even where the application connects to the DBMS with a standard, shared account. MarkLogic Server includes an auditing capability. Auditing can be enabled to capture security-relevant events to monitor suspicious database activity or to satisfy applicable auditing requirements. Configure the generation of audit events by including or excluding MarkLogic Server roles, users, or documents based on URI. More information on auditing can be found here: https://docs.marklogic.com/guide/security/auditing

Check Content

Review the configuration of audit logs to determine whether auditing includes details identifying the individual user. If it does not, this is a finding. Perform the check from the MarkLogic Server Admin Interface with a user that holds administrative-level privileges. 1. Click the Groups icon. 2. Click the group in which the configuration to check resides (e.g., Default). 3. Click the Auditing icon on the left tree menu. 4. Inspect the audit-enabled field. A value of false means there is no auditing identifying the individual user and this is a finding. 5. If audit enabled field is true, but the settings do not meet the DoD minimum requirements for non-repudiation, this is a finding.

Fix Text

Configure MarkLogic audit logs to ensure auditing includes details identifying the individual user. Perform the fix from the MarkLogic Server Admin Interface with a user that holds administrative-level privileges. 1. Click the Groups icon. 2. Click the group in which the configuration to check resides (e.g., Default). 3. Click the Auditing icon on the left tree menu. 4. Set the audit enabled field to true. 5. Configure the settings to meet DoD minimum requirements for protection against a user falsely repudiating.

Additional Identifiers

Rule ID: SV-220342r879554_rule

Vulnerability ID: V-220342

Group Title: SRG-APP-000080-DB-000063

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.