A standard audit trail format

Author: M. Bishop

Abstract: The central role of audit trails, or (more properly) logs, in security monitoring needs little description, for it is too well known for any to doubt it. Auditing, or the analysis of logs, is a central part of security not only in computer system security but also in analyzing financial and other non-technical systems. As part of this process, it is often necessary to reconcile logs from different sources. This speaks of a need for a standard logging format. A standard log format robust enough to meet the needs of heterogeneity, transportability across various network protocols, and flexibility sufficient to meet a variety of needs in very different environments must satisfy two basic properties: extensibility and portability. This report presents the author's proposed format for a standard log record. In section 3, he shows how and where the translation should be done, and in section 4 he demonstrates how log records from several disparate systems would be put into this format. Section 5 concludes with some observations and suggestions for future work.
