Audit trails in the Aeolus distributed security platform

Author(s)

Popic, Victoria

Other Contributors

Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science.

Advisor

Barbara H. Liskov.

Abstract

This thesis provides a complete design and implementation of audit trail collection and storage for Aeolus, a distributed security platform based on information flow control. An information flow control system regulates all activities that concern information security. By recording all the operations monitored by Aeolus, our audit trails capture all actions that can affect system security. In our system, event records are collected on each system node and shipped to a centralized location, where they are stored and processed. To correlate audit trail events of different system nodes we store event dependencies directly in the event records. Each audit trail record keeps links to its immediate predecessors. Therefore, our audit trails form dependency graphs that capture the causal relationship among system events. These graphs can be used to reconstruct the chains of events leading to a given system state. Our results show that audit trail collection imposes a small overhead on system performance.

Description

Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2010.
Cataloged from PDF version of thesis.
Includes bibliographical references (p. 84-86).

Date issued

2010

URI

http://hdl.handle.net/1721.1/62666

Department

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Publisher

Massachusetts Institute of Technology

Keywords

Electrical Engineering and Computer Science.