RE: [logs] Due Diligence for Admission in Court

From: Steve Wray (steve.wrayat_private)
Date: Wed Dec 05 2001 - 14:39:32 PST

  • Next message: borisat_private: "RE: [logs] Due Diligence for Admission in Court"

    Ok so the logs are written to CDROM *and* PGP signed I guess
    
    
    > From: Bennet S. Yee [mailto:bsyat_private]
    > 
    > if an insider is trying to tamper with the log entries (long) after
    > the fact, then even writing to a CDR may not be good enough (assuming
    > it is fast enough).  the threat is that maybe the insider can open the
    > cabinet with the archived log CDRs and substitute his/her own copy.
    > thus we have devolved into procedural security: making sure only
    > trusted people have keys to the cabinet containing the CDR log
    > archive, etc, and that the physical security of the cabinet/safe is
    > uncompromised.
    > 
    > if you had an external data archiving facility such as a bank vault w/
    > a deposit-only drop box for those CDRs, maybe that'd provide similar
    > security properties.
    > 
    > (nothing wrong with good procedural security, btw.)
    > 
    > -bsy
    > --------
    > Bennet S. Yee		Phone: +1 858 534 4614		Email: 
    > bsyat_private
    > 	(i often don't capitalize due to tendonitis)
    > Web:	http://www-cse.ucsd.edu/~bsy/
    > USPS:	Dept of Comp Sci and Eng, 0114, UC San Diego, La Jolla, CA 
    > 92093-0114
    > 
    > 
    
    ---------------------------------------------------------------------
    To unsubscribe, e-mail: loganalysis-unsubscribeat_private
    For additional commands, e-mail: loganalysis-helpat_private
    



    This archive was generated by hypermail 2b30 : Wed Dec 05 2001 - 15:13:00 PST