La lecture en ligne est gratuite
Le téléchargement nécessite un accès à la bibliothèque YouScribe
Tout savoir sur nos offres
Télécharger Lire

audit

12 pages
theork.vAuditLogsistocouldSuppAortfraud.Computerallet|aFwithorensicswattacBruceenScdevicehneierthatJohnmanipulation.Kelseyforfprogramsschneier,kelseyreliablegallet@counterpane.ouldcomtheCounofterpaneerSystems,eople101eenEastevMinnehahathePearedarkwdetermineaeyen,detectMinneapConsiderolis,dongleMNof55419kAbstracter,InWmanofytampreal-wsuccess-orldectionapplications,with.sensitivehainforma-thetionmacmlogsustresistSecurehkaepttheinlaterlogsamelestheonthisanitunStolltrustedbma-hanismscer'shine.aInossibletheisevafterenmectethatcalculator-likanetc.|attacbkTheerkcapturesitthis].macohine,Twlikeanwactionsouldtolikvelogtosoguaran],teeethatbheexampleswillfromgainlogslittleactivitorennounalterable,informationthatfromvtheerloginlesandandsecuredtoorlimitmachisesabilitvyertneedso1corruptistheoflognotles.ersonWwnerewithindescribersioneera[SK98].computationallyessencmecheapplacemethotheredsomeforauditmakingustallattaclogatenistriestogeneratedallpriorulationstolog;thesystemlogginghmacfact.hine'ssortcom-abpromisetoimpelectronicossiblecard,fordevice,theaattacconkdataersometoerread,erandectedalsomostimpout,ossiblenotto,undetectablywmowdifyinorcomputersdestroinyw ...
Voir plus Voir moins

Vous aimerez aussi

the
ork.
v
Audit

Logs
is
to
could
Supp
A
ort
fraud.
Computer
allet|a
F
with
orensics
w

attac
Bruce
en
Sc
device
hneier
that
John
manipulation.
Kelsey
for
f
programs
schneier,kelsey
reliable
g
allet
@counterpane.
ould
com
the
Coun
of
terpane
er
Systems,
eople
101
een
East
ev
Minnehaha
the
P
eared
arkw
determine
a
e
y
en
,
detect
Minneap
Consider
olis,
dongle
MN
of
55419
k
Abstract
er,
In
W
man
of
y
tamp
real-w
success-
orld
ection
applications,
with.
sensitiv

e
ha
informa-
the
tion
mac
m
logs
ust
resist
Secure
h
k
a
ept
the
in
later
log
same
les
the
on
this
an
it
un
Stoll
trusted
b
ma-
hanisms
c
er's
hine.
a
In
ossible
the
is
ev
after
en
mec
t
e
that
calculator-lik
an
etc.|
attac
b
k
The
er
k
captures
it
this
].
mac
o
hine,
T
w
lik
e
an
w
actions
ould
to
lik
v
e
log
to
so
guaran
],
tee
e
that
b
he
examples
will
from
gain
logs
little
activit
or
en
no
unalterable,
information
that
from
v
the
er
log
in
les
and
and
secured
to
or
limit
mac
his
es
abilit
v
y
er
t
needs
o
1
corrupt
is
the
of
log
not
les.
erson
W
wner
e
within
describ
ersion
e
er
a
[SK98].
computationally
essen
c
mec
heap
place
metho
there
d
some
for
audit
making
ust
all
attac
log
at
en
is
tries
to
generated
all
prior
ulations
to
log;
the
system
logging
h
mac
fact.
hine's
sort
com-
ab
promise
to
imp
electronic
ossible
card,
for
device,
the
a
attac
con
k
data
er
some
to
er
read,
er
and
ected
also
most
imp
out,
ossible
not
to
,
undetectably
w
mo
w
dify
in
or
computers
destro
in
y
w
.
the
1
k
In
dit
tro
oth
duction
data
A
sensors
Description
ond
of
attempts.
the
w
Problem
e
W
surviv
purp
tamp
this
when
v
is
e
for
a
will
n
vious
un-
allet
trusted
tamp
mac
are
hine,
systems
U
en-
,
proto
whic
computer
h
arious
is
w
not
needs
ph
e
ysically
of
secure
undeleteable
or
en
sucien
en
tly
attac
tamp
es
er-resistan
the
t
o
t
net
o

guaran
system
tee
en-
that
of
it
to
cannot
needs
just
to
tak
logs,
en
ter
o
on
v
logging
er
has
b
en
y
b
some
attac
attac
].
k
digital
er.
guaran
Ho
ticit
w
tak
ev
if
er,
erse-engineered
this
].
mac
a
hine
is
needs
the
to
p
b
as
e
hed
able
of
to
secrets
build
the
and
attac
main
of
tain
pap
a
app
le
in
of
device,
audit
is
log
tial
en
audit
tries
hanisms
of
in
some
to
pro
if
cesses,
has
measure-
een
men
attempted
ts,
These
ev
mec
en
m
ts,
surviv
or
the
tasks.
k
With
attempts
a
undetectable
minimal
This
amoun
not
for
system
puter
prev
com-
t
ork
p
teraction
manip-
with
of
a
audit
trusted
this
mac
a
hine,
to
T
suc
w
manipulations
net
the
an
Applications
t
this
t
of
o
hanism
mak
ound.
e
U
the
b
strongest
an
securit
w
y
smart
guaran
a
tees
e
p
a
ossible
on
ab
PC,
out
that
the
tains
authen
and
ticit
protected
y
y
o
kind
f
tamp
the
resistance.
log
tamp
on
resistance
U
exp
.
to
In
eep
particular,
attac
w
ers
e
but
d
is
o
100%
not
[AK96
w
McC96
an
Ho
t
ev
a
the
n
allet
attac
ccasionally
k
teracts
er
trusted
who
(
gains
)
con
banks.
trol
e
of
ould
U
e
at
w
time
to
t
eep
to
au-
a
log
able
b
to
its
read
and
log
from
en
arious
tries
designed
made
resp
b
to
efore
ering
time
Moreo
t
er,
,
Cli
and
lik
w
this
e
to
d
e
o
ful
not
ering,
w
that
an
the
t
allet
him
brough
to
[Sto89
b
insp
e
it
able
b
to
ob
alter
that
or
w
delete
has
log
een
en
ered
tries
There
made
other
b
of
efore
that
time
b
t
et
in
this
suc
col:
to
A
a
that
y
v
that
kinds
his
net
manipulation
ork
will
y
ter
to
undetected
v
when
log
U
tries
next
an
in
k
teracts
and
with
ev
T
in
.
ev
It
t
is
an
imp
k
ortan
tak
t
o
to
er
note
logging
that
hine
U
v
,
the
while
w
\un
1
trusted,"
An
isn't
trusion-detection
generally
that
exp
the
ected
try
to
exit
prin
p
compromised.
in
Ho
a
w-
area
ev
to
er,
attempts
w
delete
e
alter
m
ev
ust
af-
a
the
able
hine
to
whic
mak
the
e
tak
strong
place
statemen
b
ts
tak
ab
o
out
er
the
y
securit
n
y
k
of
[SK99
previously-generated

log
secure
en-
camera
tries
to
ev
tee
en
authen
if
In
U
pictures
is
en,
compromised.
en
In
it
systems
rev
where
sometime
the
[KSH96
o
ose.
wner
o
be
be
eh
a
ew
ti
n
be
to
f
i
n
,w
ew
be
haw
be
be
be
yo
f
Avand
e
e
A
,
computer
y
under
of
the
within
con
ti-
trol
e
of
to
a
men
marginally-
3
trusted
remainder
p
h
erson
using
or
using
en
exp
tit
min
y
also
needs
d
to
It
k
eration
eep
as
logs
some
that
fur-
can't
x

encryption,
c
)
hanged
X
after
h94
the
0
fact,
with
despite
U
the
ery
in
at
ten
e
tion
b
of
ously
the
infrequen
p
ou
erson
our
in
arc
con
knob
trol
of
of
this
the
e
ma-
heme.
c
heme.
hine
e'v
to
2
\rewrite
use
history"
for
in
(
some
7.
w
3.
a
's
y
or
.
X
This
],
also
X
comes
NMA
up
X
when
.
a
w
secure
w
copro
compromised.
cessor,
b
or
ute,
\dongle,"
en-
is
t
attac
will
hed
the
to
not
an
as
un
as
trusted
e
computer
en
[KS96
t
,
frequency
SK97b
U
].
log

r
A
\knob"
computer
based
that
this
is
adjusted
k
as
eeping
compromise
logs
er
of
divided
conden
Sec-
tial
to
information
t
needs
4
to
ariations
k
n
eep
summary
that
in
information
i
con-
o
den
er,
tial
wing
ev
unique
en
y
if
the
it
s
is
's
tak
using
en
or
o
[DBP96
v
digital
er
ey
for
suc
a
E
time
the
b
ey
y
h
some
or
attac
or
k
the
er.
(HMA

under
Mobile
.
computing
one-w
agen
suc
ts
tradeo
could
een
b
X
enet
w
from
exp
the
b
abilit
w
y
U
to
compromised
resist
a
alteration
example|then
of
send
their
to
logs
once
ev
ev
en
hence
when
to
they're
nearly
running
In
under
U
the
ected
con
compromised
trol
and
of
online
a
tin
ma-
Therefore,
licious
need
adv
unicate
ersary
to
[RS98
,
].
p
Limits
to
on
whic
Useful
ect
Solutions
y
A
The
few
hnique
momen
p
ts'
this
re-
vides
ection
the
will
can
rev
his
eal
o
that
furthermore,
no
b
securit
the
y
the
measure
p
can
rate
pro-
hange.
tect
P
the
remainder
audit
er
log
to
en
ws:
tries
2
written
notation
after
In
an
e
attac
general
k
in
er
e
has
and
gained
the
con
,
trol
6
of
vide
U
what
.
done
A
directions
t
researc
that
this
p
and
oin
In
t,
this
U
e
will
fol-
write
1.
to
ts
the
ti

Un pour Un
Permettre à tous d'accéder à la lecture
Pour chaque accès à la bibliothèque, YouScribe donne un accès à une personne dans le besoin