Abstract
Ideally, an application of the techniques of control and monitoring is perfectly established: a security policy specifies exactly the wanted permissions and prohibitions; administrators correctly and completely declare the policy, which subsequently is fully represented within the computing system; and the control and monitoring component can never be bypassed, and it enforces the policy without any exception. As a result, all participants are expected to be confined to employing the computing system precisely as intended. Unfortunately, reality often differs from the ideal; for instance, the following shortcomings might arise:
-
• The security policy is left imprecise or incomplete.
-
• The declaration language is not expressive enough.
-
• The internal representation contains flaws.
-
• The enforcement does not cover all access requests.
-
• Administrators or users disable some control facilities for efficiency reasons.
-
• Intruders find a way to circumvent the control and monitoring component.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
(2009). Monitoring and Intrusion Detection. In: Security in Computing Systems. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-78442-5_11
Download citation
DOI: https://doi.org/10.1007/978-3-540-78442-5_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-78441-8
Online ISBN: 978-3-540-78442-5
eBook Packages: Computer ScienceComputer Science (R0)