Topic: security by audit trail

topics > computer science > Group: security

aspect-oriented programming
database security
digital signature
logging data and events
operating system security
security leaks and weaknesses
Subtopic: importance of auditing up

Quote: modern society does not prevent crime; it detects crime after the fact [»schnB_2000]
Quote: understand the attack and what it means; detect, localize, identify, assess [»schnB_2000]
Quote: the gold standard for security consists of authenticating principals, authorizing access, and auditing the guard's decisions [»lampBW6_2004]
Quote: a system must allow for audit and correction of performance and itself [»waltPL11_1979]
Quote: protect public keys by an audit trail giving registrations of keys, signatures, and compromised keys [»dennDE2_1983]
Quote: detection and punishment are the primary instruments of security

Subtopic: audit log up

Quote: produce audit logs that are admissible in court, prove guilt, and do not contain secrets [»schnB_2000]
Quote: in audit mode, the slab allocator records activity in a circular log; identifies owners of corrupted blocks [»bonwJ6_1994]

Subtopic: real-time detection up

Quote: detect intruders in close to real time, while they are still engaged in the attack

Subtopic: administrator access up

Quote: an attacker's activities are constrained by the jail and fully visible to the administrator; the jail administrator can inspected anything in the jail [»kampPH7_2004]

Subtopic: reference monitor up

Quote: to ensure security, a reference monitor must be tamper proof, invoked on every data reference, and small enough to be proven correct [»kargPA6_1974]
Quote: security rings and memory segmentation might be provably secure; e.g., Multics, a descriptor-based system [»kargPA6_1974]

Subtopic: chain of trust up

Quote: a chain of trust is a proof of an access control decision; store in a tamper-resistant log for auditing and accountability [»lampBW6_2004]

Subtopic: pattern-of-use attack up

Quote: secure file manager maintains a complete history of the last five minutes; prevents frequent versions of the same file for a pattern-of-use channel [»rushJ7_1983]

Subtopic: lock breaking up

Quote: in RCS, lock breaking automatically sends an e-mail message to the lock's owner; only used in real emergencies or if owner resigns [»tichWF7_1985]
Quote: in RCS, forcing a lock is possible; but it automatically sends email to the lock's owner [»tichWF9_1982]

Subtopic: problems with audit up

Quote: an attacker can bypass the auditing capabilities of a security system by erasing evidence [»kargPA12_2002]
Quote: passwords and security audits are no more than "security blankets" as long as hardware and software are vulnerable

Related Topics up

Topic: aspect-oriented programming (2 items)
Topic: database security (12 items)
Topic: digital signature (25 items)
Topic: logging data and events (17 items)
Topic: operating system security (18 items)
Topic: security leaks and weaknesses
(67 items)

Updated barberCB 1/05
Copyright © 2002-2008 by C. Bradford Barber. All rights reserved.
Thesa is a trademark of C. Bradford Barber.