Exploring Audit Policies

A secure operating system needs to be able to identify individual users, grant access based on their identities, and track their actions. This starts by implementing practices that reflect the three As (AAA) of security: authentication, authorization, and accounting. Figure 5-1 shows how they combine to contribute to reliable accountability within an organization.

The AAAs of security refers to authentication, authorization, and accounting. Together they provide accountability.

Figure 5-1: AAA of security

f0501.eps

When a user attempts to access a system, the first step is to ensure that users prove who they are or authenticate ...

Get Microsoft® Windows® Security: Essentials now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.