W3C home > Mailing lists > Public > www-ws-arch@w3.org > July 2002

RE: Glossary Definition for Audit(ing) [Was: RE: AG004 Closure S ought]

From: Dave Hollander <dmh@contivo.com>
Date: Fri, 26 Jul 2002 07:48:25 -0700
Message-ID: <BD52C6379806D51188DD00508BEEC96C4B64AD@mail.contivo.com>
To: "'Pete Wenzel '" <pete@seebeyond.com>, "'Joseph Hui '" <Joseph.Hui@exodus.net>
Cc: "'Prafullchandra, Hemma '" <hprafullchandra@verisign.com>, "'www-ws-arch@w3.org '" <www-ws-arch@w3.org>

I like this wording. I am curious why "security-related events" as
opposed to simply "events".

Can not auditing be used for purposes beyound security? Is there some
reason to not use the same mechanisms for any metric that there is
reason to audit?

Also, the nesting of perenthisis is probably a sign that the phrase
needs a little tuning. Perhaps there is a better word than abnormal.


> Final:A+B:
> Auditing: A service that reliably and securely records security-related
> events (such as authentication events, policy enforcement decisions,
> abnormal (deviations from the norm) events). The resulting audit trail
> may be used to detect attacks, confirm compliance with policy, deter
> abuse of authority or other purposes. 
Received on Friday, 26 July 2002 10:51:24 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:40:57 UTC