Abstract
We have designed and implemented a prototype of a distributed audit mechanism [1] for AIX audit subsystems of AIX 2.2.1 and AIX Version 3 [2] [3] [4]. In the prototype, each host is running a distributed audit daemon. A central auditor can instruct each daemon to turn on/off auditing, perform audit system management, or trace audit trails. To provide distributed audit in a heterogeneous environment, we have extended the prototype to support the mechanism in VM RACF systems. The efforts include modifying the central auditor interface and porting the distributed audit daemon to VM. Since AIX audit subsystems are totally different from the VM audit subsystem, the work has involved the integration of heterogeneous audit subsystems to support a central auditor interface.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
C.—R. Tsai, V. D. Gligor and M. S. Hecht, “Potential Pitfalls of a Distributed Audit Mechanism,” in Proceedings of the 1990 EurOpen Autumn Conference, Nice, France, pp. 91–103, October 1990, also available as IBM Gaithersburg Technical Report 85.0098, October 1990.
C.—R. Tsai and V. D. Gligor, “Distributed Audit with Remote Procedure Calls,” in Proceedings of the 1991 IEEE International Carnahan Conference on Security Technology, Taipei, Taiwan, pp. 154–160, October 1991.
C.-R. Tsai and V. D. Gligor, “Distributed System and Security Management with Centralized Control,” in Proceedings of the 1992 EurOpen/USENIX Workshop, Jersey, Channel Islands, pp. 137–146, April 1992, also available as IBM Gaithersburg Technical Report 85.0155.
C.-R. Tsai, “Security Issues on Distributed System Applications,” in Proceedings of the 1993 National Security Conference, Baltimore, Maryland, pp. 385–390, September 1993.
J. G. Steiner, C. Newman, and J. I. Schiller, “Kerberos: An Authentication Server for Open Network Systems,” in Proceedings of the 1988 Winter USENIX Conference, Dallas, Texas, pp. 191–202, Feb. 1988.
T. H. Dineen, et al., “The Network Computing Architecture and System: An Environment for Developing Distributed Applications,” in Proceedings of the 1988 Summer USENIX Conference.
R. W. Scheifler and J. Gettys, “The X Window System,” ACM Transactions on Graphics, 5: 2, pp. 79–109, April 1986.
National Computer Security Center, Department of Defense Trusted Computer System Evaluation Criteria DOD 5200.28—STD, December 1985.
R. Sandberg, “Design and Implementation of the Sun Network Filesystem,” in Proceedings of the 1985 Summer USENIX Conference, pp. 119–130, June 1985.
IBM Corporation, Communication Concepts and Procedures,1990.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1995 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Tsai, CR. (1995). Extending Distributed Audit to Heterogeneous Audit Subsystems. In: Eloff, J.H.P., von Solms, S.H. (eds) Information Security — the Next Decade. IFIP Advances in Information and Communication Technology. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-34873-5_25
Download citation
DOI: https://doi.org/10.1007/978-0-387-34873-5_25
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-5041-2910-7
Online ISBN: 978-0-387-34873-5
eBook Packages: Springer Book Archive