- From: Dave Hollander <dmh@contivo.com>
- Date: Fri, 26 Jul 2002 07:48:25 -0700
- To: "'Pete Wenzel '" <pete@seebeyond.com>, "'Joseph Hui '" <Joseph.Hui@exodus.net>
- Cc: "'Prafullchandra, Hemma '" <hprafullchandra@verisign.com>, "'www-ws-arch@w3.org '" <www-ws-arch@w3.org>
I like this wording. I am curious why "security-related events" as opposed to simply "events". Can not auditing be used for purposes beyound security? Is there some reason to not use the same mechanisms for any metric that there is reason to audit? Also, the nesting of perenthisis is probably a sign that the phrase needs a little tuning. Perhaps there is a better word than abnormal. Regards, Dave > Final:A+B: > Auditing: A service that reliably and securely records security-related > events (such as authentication events, policy enforcement decisions, > abnormal (deviations from the norm) events). The resulting audit trail > may be used to detect attacks, confirm compliance with policy, deter > abuse of authority or other purposes. >
Received on Friday, 26 July 2002 10:51:24 UTC