Fundamentals of Information Systems Security, 4th Edition

Policies and Procedures for Accountability

At this point, you have learned how users are identified (step 1), authenticated (step 2), and authorized (step 3). Now it’s time for the last part of the access control process: accountability. Accountability involves tracing an action to a person or process to know who made the changes to the system or data, which is important for conducting audits and investigations as well as tracing errors and mistakes. Accountability answers the question, “Can you hold users responsible for what they do on the system?”

Log Files

Log files, which are a key ingredient to accountability, are records that detail who logged on to the system, when they logged on, and what information or resources they used. In the ...

Get Fundamentals of Information Systems Security, 4th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Fundamentals of Information Systems Security, 4th Edition by David Kim, Michael G. Solomon

Policies and Procedures for Accountability

Log Files

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly