[cap-talk] Horton vs. ACLs - private namespaces and the Audit Problem
Mark Miller
erights at gmail.com
Wed Oct 10 11:47:34 EDT 2007
On 10/10/07, David Chizmadia (JHU) <chiz at cs.jhu.edu> wrote:
> I'll agree that a human auditor would have insufficient
> motivation or energy to audit at this level of resolution. But an
> automated log analysis system could make very effective use of the
> kind of event stream being discussed here to audit regulatory
> compliance for (at least) SOX/OMB A123 and HIPAA.
Without asking us to wade through the text of these, can you provide
us with any insight about how this could possibly be the case? How
would one write an automated compliance predicate that could give a
meaningful answer from such a low-level trace of human-meaningless
data? If the regulation is simply: "thou shall record oodles of
stuff", then I can see it. Otherwise, I can't imagine a compliance
test that could be answered from these logs.
--
Text by me above is hereby placed in the public domain
Cheers,
--MarkM