AuditTrail

MeatballWiki | RecentChanges | Random Page | Indices | Categories

Trust comes from serial responsibility, and responsibility comes from accountability. In order to make people accountable, you have to accredit their actions to them. In the RealWorld, this isn't too difficult. You can clearly see that it is Sam who is shoplifting, versus some mysterious figure. On the other hand, the RealWorld also allows one to mask identity. Maybe it's only clear that someone in a black ski mask is shoplifting.

Online, the entire system is under our control. No event can happen without the system having a regulating pressure on it. This makes it easy to record and publish people's actions.

Therefore, create an AuditTrail: a record tracking who did what and when. Often that means a VersionHistory or a ChangeLog carrying some identifying information, particularly some way to determine the NetworkDistance between the sources of transactions.

With names attached to actions, we can use PeerPressure to EnforceResponsibility to adhere to the CommunityExpectations. We can also follow the actions of people whom we trust, the RoleModels we can learn from (but only under OpenProcess). [SoftSecurity]

On the other hand, the system can also use the AuditTrail to automatically control access. Too many swear words and you're off the system, buddy. [HardSecurity]

But, there are serious privacy issues with tracing people's actions everywhere. One minimally needs an AuditTrail wherever one needs ReversibleChange, or perhaps in even fewer circumstances than that. If you go overboard, you will violate the social trust. That is just as large a failure as letting people bandy about irresponsibly.

Without ForgiveAndForget, an AuditTrail becomes a liability waiting to happen. Don't remember FlameWars forever; don't remember mistakes forever.


Foucault (1979)

"He who is subjected to a field of visibility, and who knows it, assumes responsibility for the constraints of power; he makes them play spontaneously on himself; he inscribes in himself the power relation in which he simultaneously plays both roles; he becomes the principle of his own subjection." -- Foucault, M. (1979) Discipline and Punish, Vintage Books, New York, pp. 201-202.

What's wrong with this assessment is that it is only true if the subject is a) aware of his visibility, b) thinks someone may be watching, and c) is afraid of that person. On the latter point, fear of the other person's power will only arise after a visible demonstration of that power, say against another individual within the panopticon.

An alternate explanation of self-regulation is impression. If you want to impress me, and I am watching or even might be watching, you will behave according to what image you want to impress upon me. I may not have any power over you, but only over myself. For instance, when trying to impress a potential mate in a bar, avoid getting disastrously drunk.


A record showing who has accessed a computer system and what operations he or she has performed during a given period of time. Audit trails are useful both for maintaining security and for recovering lost transactions. Most accounting systems and database management systems include an audit trail component. In addition, there are separate audit trail software products that enable network administrators to monitor use of network resources. [ZDNet]

A real-world example: CliffordStoll found a user being very active on one of his systems in Berkeley, after a long period of inactivity. Part of that activity was attacking military research institutions. He traced the source IP of the login to a machine in another institution, and back through a series of machines to a dialup in West Germany. The hackers were arrested and tried. The machine logs were an AuditTrail.
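As an added illustration that is not part of the original page, the following Python sketch puts the pattern described above into code: a trail recording who did what and when, an automatic HardSecurity rule that trips after too many flagged actions, a ForgiveAndForget expiry, and the Stoll-style check for an account that becomes active again after a long silence. The `flagged` marker, the retention period and the sample actors are assumptions constructed for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass(frozen=True)
class Entry:
    who: str               # the accredited actor (login name)
    what: str              # the action, e.g. "edit:FrontPage"
    when: datetime         # when it happened
    flagged: bool = False  # set by a CommunityExpectations rule (assumed to exist)

class AuditTrail:
    """Who did what and when, kept only as long as ForgiveAndForget allows."""
    def __init__(self, retention: timedelta):
        self.retention = retention
        self._entries: list[Entry] = []

    def record(self, who: str, what: str, when: datetime, flagged: bool = False) -> None:
        self._entries.append(Entry(who, what, when, flagged))

    def actions_of(self, who: str, now: datetime) -> list[Entry]:
        """OpenProcess: one actor's history up to `now`, oldest first."""
        return sorted([e for e in self._entries if e.who == who and e.when <= now], key=lambda e: e.when)

    def should_block(self, who: str, limit: int, window: timedelta, now: datetime) -> bool:
        """HardSecurity: `limit` or more flagged actions inside the last `window`."""
        hits = [e for e in self.actions_of(who, now) if e.flagged and e.when >= now - window]
        return len(hits) >= limit

    def resumed_after_idle(self, who: str, idle: timedelta, recent: timedelta, now: datetime) -> bool:
        """Stoll-style signal: activity within `recent`, preceded by a gap longer than `idle`."""
        history = self.actions_of(who, now)
        fresh = [e for e in history if e.when >= now - recent]   # the new burst of activity
        older = [e for e in history if e.when < now - recent]    # everything before it
        if not fresh or not older:
            return False
        return fresh[0].when - older[-1].when > idle

    def forget(self, now: datetime) -> int:
        """ForgiveAndForget: drop entries older than the retention period; return how many."""
        before = len(self._entries)
        self._entries = [e for e in self._entries if now - e.when <= self.retention]
        return before - len(self._entries)

def sample_trail(now: datetime) -> AuditTrail:
    """Constructed sample data: a dormant editor who returns and misbehaves, and a quiet one."""
    t = AuditTrail(retention=timedelta(days=90))
    t.record("sam", "edit:FrontPage", now - timedelta(days=200))
    t.record("sam", "edit:FrontPage", now - timedelta(minutes=5))
    for m in (4, 3, 2):
        t.record("sam", "edit:FlameWar", now - timedelta(minutes=m), flagged=True)
    t.record("alice", "edit:RoleModels", now - timedelta(days=1))
    return t
```

Note that `forget` drops the 200-day-old entry, which removes the evidence `resumed_after_idle` relied on: the privacy trade-off in the text shows up directly in what the trail can still tell you.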


[CategorySoftSecurity] [CategoryHardSecurity]


Discussion
