GDPR Implementation on Authminder

Document ID : KB000095372
Last Modified Date : 10/05/2018
Show Technical Document Details
Issue:
We are looking for any possible solutions or fixpacks available to implement GDPR Regulations on data captured in CA Authminder & Riskminder database for our UK & EU Regions. We already have the table names capturing information like client IP address and usernames. I know we can write a stored proc on database to remove this data., what we are intersted is are there any solution available from CA product wise for implementing GDPR Regulations and if not what are the suggestions from CA.
Environment:
CA Advanced Authentication
Resolution:
- Currently we do not have any specific method to remove the user IP addresses from the database. We need to write the sql queries to achieve it.
- We store IP address in audit log table only, so we can delete by writing the queries.

- Below are the tables in which the IP address of users are stored:
ARRFSYSAUDITLOG_3DSECURE 
ARRFSYSAUDITLOG_3DSECURE_AR 
ARRF_CASE_TXN_3DSECURE 
ARRFSYSAUDITLOG 
ARRFSYSAUDITLOG_AR 
ARRF_CASE_TXN 
ARRFSYSAUDITLOG_MOBILE 
ARRFSYSAUDITLOG_MOBILE_AR 
ARRF_CASE_TXN_MOBILE 
ARWFADMINAUDITLOG 
ARWFADMINAUDITLOG_AR 
ARWFSVRMGMTAUDITLOG 
ARWFSVRMGMTAUDITLOG_AR 
ARWFISSUANCEAUDITLOG 
ARWFISSUANCEAUDITLOG_AR 
ARWFAUTHAUDITLOG 
ARWFAUTHAUDITLOG_AR
- We do not have any pre-existing method to fetch the IP details of an user.
- ARWFADMINAUDITLOG table has all the details of the operations performed by different ADMINs in your environment and ARWFSVRMGMTAUDITLOG table has all the details of the operations done on the instances in the environment. But, as it contains the CLIENTIPADDRESS, we have provided these tables.
- ARWFISSUANCEAUDITLOG and ARWFAUTHAUDITLOG tables contain the information about the issuance and authentication of the credentials for the users. Whenever we create a credential for a particular user, the transaction details are stored in ARWFISSUANCEAUDITLOG table. And, when an authentication is performed by that user with that that credential, the transaction details are stored in ARWFAUTHAUDITLOG table.