A Model of Security Monitoring



Bibliographic Information


A formal model of security monitoring that distinguishes two different methods of recording information (logging) and two different methods of analyzing information (auditing) is presented. From this model, implications for the design and use of security monitoring mechanisms are drawn. The model is then applied to security mechanisms for statistical databases, monitoring mechanisms for computer systems, and backups, in order to demonstrate its usefulness. It is concluded that the proposed model of logging and auditing is comprehensive enough to encompass very different schemes used in a variety of contexts. For example. Statistical database query control and file access monitoring systems do not seem to be related, and yet they create closely related security problems, and the mechanisms designed to improve the security of one will also improve the security of the other.

Copyright Notice

©1989 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author’s copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
The definitive version was published in Proceedings of the 5th Annual Computer Security Applications Conference, Dec. 1989.