Professional Documents
Culture Documents
Audit Trail
Audit Trail
both of these
Individual accountability
Reconstruction of events
Intrusion detection
Problem analysis
BENEFITS AND OBJECTIVES
OF AUDIT TRAIL
Individual accountability
Audit trails maintain individual accountability.
Every person is liable for his/her
own actions. Audit trail traced and record all the
activities done by users. This may restrict the usage
of computer resources. Only the authorized person
can access the required resources and this will help to
save resources from misuse.
Reconstruction of events
Audit trail can also help to reconstruct the events if
any problem occur in the events. Audit trail can easily
access the damages in normal operations and suggest
how, when and why normal operation are damaged
and how it can be recovered. Audit trail helps to
distinguish operator induced error and system
created error
BENEFITS AND OBJECTIVES
OF AUDIT TRAIL
• Intrusion detection
intrusion detection is a process that
helps to identify attempts to penetrate
a system and unauthorized access.
These are of two types
Real time intrusion
After the fact intrusion
• Problem analysis
AUDIT TRAIL AND LOGS
Keystroke monitoring
It records the keystroke entered by the
computer user and the computer’ response .
AUDIT EVENTS
Audit trail may be used in to discern flaws in
application analysis, or violations of security
policy committed within an application.
Cost consideration
PROTECTING AUDIT
TRAIL
Data Access to on-line audit logs should be
strictly controlled. Computer security managers
and system administrators or managers should
have access for review purposes. Audit trail
records should be protected by strong access
controls to help prevent unauthorized access.
system overhead
human and machine time required to do the
analysis.
cost of investigating anomalous events.