Monitoring information systems to enforce computer security policies

Author
Graham, Scott W.
Mills, Stephen E.
Date
1999-09-01
Advisor
Garcia, Vicente
Second Reader
Michael, James Bret
Abstract
Many computer security policies are written relatively vaguely. In many ways this is intentional to allow for easier access to all the functionality of the computer network. However, too much leeway allows users, without a need to access many of the network functions, the ability to execute functions that might cause harm to the system or provide access to information they have no need to see. With this in mind, this paper takes a look at computer security. We start with a brief history of computer security and continue with a look at internal security. Since our focus is on computer misuse and detection, a look at internal security provides a look at the reasons why we should attempt to monitor the activities of users. Misuse detection requires at least two features. These are audit reduction and profiling ability. When audit features are enabled in the operating system, massive files can build up. By establishing profiles of personnel usage, the automated audit features can quickly scan audit files, look for usage that falls outside what is determined to be normal, notify administrators, and delete old audit data. A misuse detection system, such as the Computer Misuse Detection System marketed by ODS Networks, may be implemented and incorporated into a comprehensive security policy.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.