Re: Glossary Definition for Audit(ing) [Was: RE: AG004 Closure Sought]

+1 for Hemma's embellishment.  I especially like the neutral phrasing
of "policy enforcement decisions", because it is often important to
capture more than just negative (abnormal) events.  Sometimes you will
want to see "who did what", even if the "what" was well within the
authority and expected range of activities of the "who".

--Pete
Pete Wenzel <pete@seebeyond.com>
SeeBeyond
Standards & Product Strategy
+1-626-471-6311 (US-Pacific)

Thus spoke Joseph Hui (Joseph.Hui@exodus.net) on Thu, Jul 25, 2002 at 06:46:53PM -0700:
> Thanks again, Hemma.
>  
> I'm also noting your A+B as Text B embellished.
> If the similarity shared by yours and Hoa's is also shared
> by popular sentiment, then I think we're just about there.
>  
> Joe Hui
> Exodus, a Cable & Wireless service
> ===================================
>  
>  -----Original Message-----
> From: Prafullchandra, Hemma [mailto:hprafullchandra@verisign.com]
> Sent: Thursday, July 25, 2002 6:02 PM
> To: www-ws-arch@w3.org
> Subject: RE: Glossary Definition for Audit(ing) [Was: RE: AG004 Closure
> Sought]
> 
> 
> 
> Text A: 
>   Auditing provides passive tracking and logging of 
>   security-related activities, incidents, and events 
>    (such as authentication events, unproven claims, or bad 
>   signature occurrences). Administrator can securely manage 
>   and analyze these audit records to take appropriate action 
>    against antagonists. 
> 
> Text B:
>   Audit: A service that reliably records security-related events
>   for future reference. The resulting audit trail may be used to
>   detect attacks, confirm compliance with policy, deter abuse
>   of authority or other purposes. 
>  
> Final:A+B:
> Auditing: A service that reliably and securely records security-related
> events (such as authentication events, policy enforcement decisions,
> abnormal (deviations from the norm) events). The resulting audit trail
> may be used to detect attacks, confirm compliance with policy, deter
> abuse of authority or other purposes. 
>  
> Unless there was something specific in A, about the players involved
> that you wanted to capture or the nature of this activity. Feel free to
> polish A+B further but I really think this captures the essence of what
> we want to say given all the other restrictions!
>  
> hemma

Received on Thursday, 25 July 2002 22:38:22 UTC