Quick academic help
Don't let the stress of school get you down! Have your essay written by a professional writer before the deadline arrives.
CERIAS : Paradigms for the Reduction of Audit Trails
This thesis provides a complete design and implementation of audit trail collection and storage for Aeolus, a distributed security platform based on information flow control. An information flow control system regulates all activities that concern information security. By recording all the operations monitored by Aeolus, our audit trails capture all actions that can affect system security. In our system, event records are collected on each system node and shipped to a centralized location, where they are stored and processed. To correlate audit trail events of different system nodes we store event dependencies directly in the event records. Each audit trail record keeps links to its immediate predecessors. Therefore, our audit trails form dependency graphs that capture the causal relationship among system events. These graphs can be used to reconstruct the chains of events leading to a given system state. Our results show that audit trail collection imposes a small overhead on system performance.
Computing systems have evolved from stand-aone mainframes to comlex, interconnected open systems, and this evolution has lead to proliferation of avenues of attack. With the knowledge that system misusers have open avenues for attack, misuse detection provides an important line of defense. For a misuse detection system to be effective, there needs to be an audit trail of system activity that was designed to support misuse detection needs. A major challenge in misuse detection is that audit data is inadequate. The data supplied by current auditing systems lack content useful for misuse detection, and there is no widely accepted audit trail standard. This thesis presents a comparison of the needs of host-based misuse detection with the capabilities of auditing facilities of convential operating systems. Host-based misuse detection systems are examined, and the audit data used by each are outlined. Auditing systems of convential operating systems are also examined, and the data colected by each are outlined. A comparison of the needs of the misuse detection systems and the capabilities of existing auditing facilities is then presented. the results of this study aid in the determination of what data content should be provided by auditing systems for the support of misuse detection goals.
Paradigms for the Reduction of Audit Trails
An initial prototype program was produced and focused on the UNIXoperating system model, and was fairly successful in followingentities in the audit trail.
EDI presents numerous audit and control implications. The auditor needs to understand how the entity conducts business using EDI and to adjust audit procedures accordingly. EDI creates a dependence on the trading partner's computer system, so its errors and security breaches might affect the client's system. For example, the auditor's client might be a supplier to a trading partner. The client ships raw materials to the trading partner based on an electronic inquiry of the trading partner's inventory system. This system might contain errors and compute an incorrect optimum order amount, leading to a dispute if the client ships too few or too many raw materials. (This could happen in a traditional system, but auditors would have a paper trail to check.) The auditor should be concerned that accounts receivable and revenue could be overstated if too many goods were shipped or that a contingent liability might exist if too few goods were shipped.
Audit Trails - Projects, Thesis, Dissertation, Project Reports
Paperless auditing. An electronic, rather than paper, trail of evidence is the hallmark of this technology. Paperless auditing includes EDI, imaging systems and similar technologies where source documents are in electronic form.
Most automated packages for intrusion detection focus on determining if a collection of audit data is suspicious. Package developers assume that the System Security Officer (SSO) will combine the results of their tools with a careful inspection of the logs to determine if indeed there is evidence of intrusive activity. In practice, most administrators rely exclusively on the conclusions generated by such packages. As a result, very few methods have been developed to browse the raw audit trails. This thesis presents a new approach to this problem. By treating conceptual entities in an audit trail as objects, a framework for observing how entities interact can be developed. All of the records of interest are first scanned to determine the objects and actions of interest.
Why choose our assistance?
As soon as we have completed your work, it will be proofread and given a thorough scan for plagiarism.
Our clients' personal information is kept confidential, so rest assured that no one will find out about our cooperation.
We write everything from scratch. You'll be sure to receive a plagiarism-free paper every time you place an order.
We will complete your paper on time, giving you total peace of mind with every assignment you entrust us with.
Want something changed in your paper? Request as many revisions as you want until you're completely satisfied with the outcome.
We're always here to help you solve any possible issue. Feel free to give us a call or write a message in chat.
What role does the audit trail play in the task of confirmation
New technologies are out there—you may even have heard of most of them. But how will they affect the audits you perform? To help you sort through advances, the computer auditing subcommittee of the AICPA ASB identified 11 key technologies practitioners should be aware of when planning financial statement audits. The technologies fall into three broad categories. The first contains one component-security. The second group consists of communications technologies that allow transmission of financial and other data without a paper audit trail. The other highly ranked technologies are independent of the rest and include the year 2000 (Y2K) issue and outsourcing. The technologies are listed below from the most to the least significant.
How it works
You submit your order instructions
We assign an appropriate expert
The expert takes care of your task
We send it to you upon completion
Average quality score
"I have always been impressed by the quick turnaround and your thoroughness. Easily the most professional essay writing service on the web."
"Your assistance and the first class service is much appreciated. My essay reads so well and without your help I'm sure I would have been marked down again on grammar and syntax."
"Thanks again for your excellent work with my assignments. No doubts you're true experts at what you do and very approachable."
"Very professional, cheap and friendly service. Thanks for writing two important essays for me, I wouldn't have written it myself because of the tight deadline."
"Thanks for your cautious eye, attention to detail and overall superb service. Thanks to you, now I am confident that I can submit my term paper on time."
"Thank you for the GREAT work you have done. Just wanted to tell that I'm very happy with my essay and will get back with more assignments soon."