Sciweavers

CCS
2009
ACM

Logging key assurance indicators in business processes

15 years 4 days ago
Logging key assurance indicators in business processes
Management of a modern enterprise is based on the assumption that executive reports of lower-layer management are faithful to what is actually happening in the field. As some well-publicised major recent disasters (such as Barings, AllFirst-Allied Irish Bank, ENRON, Societ?e Generale) have shown, this assumption is not well-founded. Intermediate managers can misrepresent the actual state of their systems in order to hide negative events or to "doctor" reports which have been already produced. Existing security approaches which guarantee integrity of logs and related reports do not protect the system against these threats, if they are directly applied to a multi-layered corporate structure. In this paper, we extend existing approaches by constructing a logging scheme which ensures that, at each level, logs are both correct and consistent. Categories and Subject Descriptors K.6.4 [Management of computing and information Systems]: System Management--Management audit; H.2.7 [Dat...
Fabio Massacci, Gene Tsudik, Artsiom Yautsiukhin
Added 23 Nov 2009
Updated 23 Nov 2009
Type Conference
Year 2009
Where CCS
Authors Fabio Massacci, Gene Tsudik, Artsiom Yautsiukhin
Comments (0)