Thank you for the opportunity to help you with your question!
The controls that are essential to prevent security threats in distributed applications and data include:
1) The control should protect data and integrity of system in case of invalid operation on secured data
2) Unauthorized invocations should be rejected by security control
3) Efficient protection against unauthorized users
The auditing approach should first start by insuring data integrity that is associated with application. Control should specify the operation that can invoked only by authorized person while rejecting access to unauthorized when the data resources are accessed. Irrespective of operation, control should select only that user which can be allowed access while restricting others. Rules should be strictly followed by control and on the basis of defined rules, users access should be granted or denied.
Please let me know if you need any clarification. I'm always happy to answer your questions.
Content will be erased after question is completed.