Information Security
Mamoona Jabbar
,Information Security
Topic: Auditing
, Auditing
Logging: Recording events or statistics to provide information about
system use and performance
Auditing: analysis of log records to present information about the
system in a clear, understandable manner
Uses
• Describe security state
• Determine if system enters unauthorized state
Evaluate effectiveness of protection mechanisms
• Determine which mechanisms are appropriate and working
• Deter attacks because of presence of record
, Auditing
Problems
What do you log?
• Hint: looking for violations of a policy, so record at least what
will show such violations
What do you audit?
• Need not audit everything
• Key: what is the policy involved?
Mamoona Jabbar
,Information Security
Topic: Auditing
, Auditing
Logging: Recording events or statistics to provide information about
system use and performance
Auditing: analysis of log records to present information about the
system in a clear, understandable manner
Uses
• Describe security state
• Determine if system enters unauthorized state
Evaluate effectiveness of protection mechanisms
• Determine which mechanisms are appropriate and working
• Deter attacks because of presence of record
, Auditing
Problems
What do you log?
• Hint: looking for violations of a policy, so record at least what
will show such violations
What do you audit?
• Need not audit everything
• Key: what is the policy involved?
