Title :
A model of security monitoring
Author_Institution :
Dept. of Math. & Comput. Sci., Dartmouth Coll., Hanover, NH, USA
Abstract :
A formal model of security monitoring that distinguishes two different methods of recording information (logging) and two different methods of analyzing information (auditing) is presented. From this model, implications for the design and use of security monitoring mechanisms are drawn. The model is then applied to security mechanisms for statistical databases, monitoring mechanisms for computer systems, and backups, in order to demonstrate its usefulness. It is concluded that the proposed model of logging and auditing is comprehensive enough to encompass very different schemes used in a variety of contexts. For example. Statistical database query control and file access monitoring systems do not seem to be related, and yet they create closely related security problems, and the mechanisms designed to improve the security of one will also improve the security of the other
Keywords :
security of data; auditing; backups; file access; formal model; logging; monitoring mechanisms; query control; recording information; security monitoring; statistical databases; Computer science; Computer security; Computerized monitoring; Data security; Educational institutions; Information analysis; Information security; Mathematical model; Mathematics; National security;
Conference_Titel :
Computer Security Applications Conference, 1989., Fifth Annual
Conference_Location :
Tucson, AZ
Print_ISBN :
0-8186-2006-4
DOI :
10.1109/CSAC.1989.81024
