This open access book discusses the most modern approach to auditing complex digital systems and technologies.

Cloud storage is considered to be the most critical factor in decision making for users as it largely scales down the infrastructure in terms of size, cost and design. Considering factors such as local storage cost, maintenance a single server model can support multiple users on a needed basis. This raises concerns for integrity verification i.e., assuring the correctness of the data stored ava...

We study the computational complexity of auditing finite attributes in databases allowing statistical queries. Given a database that supports statistical queries, the auditing problem is to check whether an attribute can be completely determined or not from a given set of statistical information. Some restricted cases of this problem have been investigated earlier, e.g. the complexity of statis...

This paper examines the potential relationships of Continuous Auditing and Emergency Preparedness to the design, development, and implementation of Emergency Response Management Information Systems (ERMIS). It develops an argument for the integration of emergency response processes and continuous decision process auditing requirements into the system development life cycle of an organization wi...

Introduction Both health information technology (HIT) and the payment card industry (PCI) involve the exchange and management of sensitive, protected information. Compared to the PCI, HIT could consider protected health information (PHI) more sensitive than PCI cardholder data. If cardholder data is breached in the PCI, payment card companies may then remove fraudulent charges from the customer...

Some digital signature algorithms (such as RSA) require messages to be padded before they are signed. Secure tokens can use these padding bits as a subliminal channel to embed auditing information in their signed messages. These auditing bits simplify protecting against lost and stolen tokens, breaks of specific protocols, hash functions, and ciphers, and attacks based on defeating a token’s ta...

Configuration navigation and change-auditing is one of the most complex yet common tasks performed by network operators on a regular basis. Change-auditing router configuration files accurately is a challenging task due to presence of structure and hierarchy in the config content. Generic diff tools do not have the notion of context or syntactic structure while comparing files and produce diff ...