next up previous contents
Next: Operation Assurance Up: Compartmented Mode Workstations Previous: Access Control and


Accountability covers:

User identification and authentication are as described in the previous chapter.

Identification of user terminals allows the system to know which physical terminal a user is using.

A trusted path is a secure means of communication between the user and the system. For example, when a user types in their account name and password, the user wants to be sure that it is the system that the user is talking to, not a malicious program that someone else has left running on the terminal.

A particular implementation may require that the user press a ``break'' key that reliably terminates any previous session, or the user may need to reboot the personal computer or X terminal.

Auditing logs any security-related event to a secure logfile. Typical events which are logged are logins, logouts, creating or deleting files, modifying the access control associated with a file, and so on.

John Barkley
Fri Oct 7 16:17:21 EDT 1994