Goal-Oriented Auditing and Logging

نویسندگان

Matt Bishop

Christopher Wee

Jeremy Frank

چکیده

Matt Bishop Christopher Wee Jeremy Frank Department of Computer Science University of California at Davis Davis, CA 95616-8562 This paper presents a technique for deriving audit requirements from security policy, with examples for informal specifications. Augmenting these requirements with a system model allows an analyst to determine specific functions within the system that must be audited. We demonstrate the effectiveness of this technique by deriving audit criteria for the Network File System, and show that the results would detect numerous well-known attacks upon implementations of that protocol.

متن کامل

منابع مشابه

DiALog: A Distributed Model for Capturing Provenance and Auditing Information

Service-oriented systems facilitate business workflows to span multiple organizations (e.g., by means of Web services). As a side effect, data may be more easily transferred over organizational boundaries. Thus, privacy issues arise. At the same time, there are personal, business and legal requirements for protecting privacy and IPR and allowing customers to request information about how and by...

متن کامل

Secure Logging and Auditing in Electronic Health Records Systems: What Can We Learn from the Payment Card Industry

Introduction Both health information technology (HIT) and the payment card industry (PCI) involve the exchange and management of sensitive, protected information. Compared to the PCI, HIT could consider protected health information (PHI) more sensitive than PCI cardholder data. If cardholder data is breached in the PCI, payment card companies may then remove fraudulent charges from the customer...

متن کامل

Dynamic Aspect-Oriented Security Policy Enforcement

There are many approaches to utilizing aspect-oriented (AO) languages and techniques for the purpose of introducing security into applications. The cross-cutting nature of security has been well documented and therefore the benefit of implementing security using AO techniques logically follows. Authentication, authorization, auditing, logging, etc. are obvious activities that can easily be intr...

متن کامل

Auditing overhead, auditing adaptation, and benchmark evaluation in Linux

Logging is a critical component of Linux auditing. However, our experiments indicate that the logging overhead can be significant. The paper aims to leverage the performance overhead introduced by Linux audit framework under various usage patterns. The study on the problem leads to an adaptive audit-logging mechanism. Many security incidents or other important events are often accompanied with ...

متن کامل

Foundations for Auditing Assurance

Retrospective security is an important element of layered security systems. Auditing is central to the theory and practice of retrospective security, however, in systems where auditing is used, programs are typically instrumented to generate audit logs using manual, adhoc strategies. This is a potential source of error even if log auditing techniques are formal, since the relation of the log it...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

متن کامل

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 1996

Goal-Oriented Auditing and Logging

نویسندگان

چکیده

منابع مشابه

DiALog: A Distributed Model for Capturing Provenance and Auditing Information

Secure Logging and Auditing in Electronic Health Records Systems: What Can We Learn from the Payment Card Industry

Dynamic Aspect-Oriented Security Policy Enforcement

Auditing overhead, auditing adaptation, and benchmark evaluation in Linux

Foundations for Auditing Assurance

عنوان ژورنال:

اشتراک گذاری