[cap-talk] Horton vs. ACLs - private namespaces and the Audit Problem
David Chizmadia (JHU)
chiz at cs.jhu.edu
Wed Oct 10 06:29:50 EDT 2007
All,
I'll agree that a human auditor would have insufficient
motivation or energy to audit at this level of resolution. But an
automated log analysis system could make very effective use of the
kind of event stream being discussed here to audit regulatory
compliance for (at least) SOX/OMB A123 and HIPAA.
-DMC
James A. Donald wrote:
> Jed Donnelley wrote:
> > There's something else that I think I don't understand
> > about this "audit problem." Namely, if we believe in
> > fine grained access control and small protection
> > domains (e.g. at the level of active objects in O-O
> > programming) that are necessarily very dynamic, what
> > sense does it make for an auditor to ask which
> > programs have access to which authorities?
>
> Indeed so. Any system that prevents trojans and
> malware, while allowing to the user to get his work
> done, is going to have such fine grained permissions
> that ordinarily no human will ever do an audit, except
> when the programmer is stepping through the program with
> a debugger, or analyzing the logs to discover how an
> attack was accomplished.
>
> _______________________________________________
> cap-talk mailing list
> cap-talk at mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/cap-talk
>
>
More information about the cap-talk
mailing list