Hello Andreas,

My apologies for not explaining myself. :-)

The trusted computing standards I'm talking about (there are a few, some good, some not so much) are effectively based on US Department of Defense C2 (aka Orange Book) security standards:

http://en.wikipedia.org/wiki/TCSEC

The best audit trail implementations I've seen are based on Sun's BSM, adopted and implemented by both FreeBSD and Apple in their auditing code.

http://docs.sun.com/app/docs/doc/806-1789
http://www.apple.com/support/security/commoncriteria/
http://www.freebsd.org/doc/en/books/handbook/audit.html

BSM-based auditing systems define classes of system calls, users, and groups of users that are of interest -- file create, file read, login, socket opens, people in the 'wheel' group, etc. -- and record a realtime log of events as they occur within the kernel. This information is stored in a packed binary format, and can be exploded into ASCII for parsing and analysis using built-in tools, allowing you to establish a complete audit trail of the operations of interest.

How Lustre would implement this I'm not sure, since it's object-based and BSM auditing records file names ... but the idea is important, especially in digital media where auditability keeps lawyers from the MPAA and the big studios at bay.

cheers,
Klaus

On 8/18/08 9:13 PM, "Andreas Dilger" <[EMAIL PROTECTED]> did etch on stone tablets:

> On Aug 18, 2008 17:18 -0700, Klaus Steden wrote:
>> Hrm. Who should I contact to find out more, then?
>
> Nathan is working on the Changelog code, but I think the main issue
> is that neither of us know what "compliant with Trusted Computing standards"
> really means.
>
>> On 8/18/08 4:44 PM, "Andreas Dilger" <[EMAIL PROTECTED]> did etch on stone
>> tablets:
>>
>>> On Aug 18, 2008 12:53 -0700, Klaus Steden wrote:
>>>> Will this be compliant with Trusted Computing standards? i.e. will it be
>>>> possible to use this information for auditing purposes?
>>>
>>> I don't know enough about that to make a useful answer, sorry.
>>>
>>>> On 8/18/08 3:43 AM, "Andreas Dilger" <[EMAIL PROTECTED]> did etch on stone
>>>> tablets:
>>>>
>>>>> On Aug 09, 2008 05:06 -0700, daledude wrote:
>>>>>> Is there a tool that shows what files are being accessed? Sort of
>>>>>> like inotify, but not inotify? I'd like to compile file access
>>>>>> statistics to try and balance the most accessed files across the OST's
>>>>>> better.
>>>>>
>>>>> There is a feature being worked on for Lustre 2.0 called "Changelogs"
>>>>> that will allow recording all files that are modified.
>>>>>
>>>>> Cheers, Andreas
>>>>> --
>>>>> Andreas Dilger
>>>>> Sr. Staff Engineer, Lustre Group
>>>>> Sun Microsystems of Canada, Inc.
>>>>>
>>>>> _______________________________________________
>>>>> Lustre-discuss mailing list
>>>>> [email protected]
>>>>> http://lists.lustre.org/mailman/listinfo/lustre-discuss
>>>
>>> Cheers, Andreas
>>> --
>>> Andreas Dilger
>>> Sr. Staff Engineer, Lustre Group
>>> Sun Microsystems of Canada, Inc.
>>>
>
> Cheers, Andreas
> --
> Andreas Dilger
> Sr. Staff Engineer, Lustre Group
> Sun Microsystems of Canada, Inc.
>
_______________________________________________
Lustre-discuss mailing list
[email protected]
http://lists.lustre.org/mailman/listinfo/lustre-discuss
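
As an added illustration of the BSM audit trail described in the message above (not code from the thread or from any project it names): Python that groups the ASCII form of an audit log into records and extracts one user's trail. The sample lines are constructed, and the one-token-per-line layout with `header`/`trailer` tokens is assumed from the default text output of OpenBSM's `praudit`; a record with no trailer is reported separately instead of being counted as evidence.

```python
# Constructed sample, one token per line as in praudit's default text output
# (layout assumed here); the last record is cut off before its trailer.
SAMPLE = """\
header,133,10,execve(2),0,Mon Aug 18 21:13:00 2008, + 384 msec
exec arg,ls,-l
path,/bin/ls
subject,alice,root,wheel,root,wheel,38439,38032,42086,192.0.2.10
return,success,0
trailer,133
header,97,10,open(2) - read,0,Mon Aug 18 21:13:05 2008, + 12 msec
path,/media/reel1.mov
subject,alice,alice,staff,alice,staff,38501,38032,42086,192.0.2.10
return,failure : Permission denied,4294967295
trailer,97
header,97,10,open(2) - read,0,Mon Aug 18 21:13:09 2008, + 40 msec
path,/media/reel2.mov
"""

def parse_records(text):
    """Group token lines into records; return (complete, incomplete)."""
    complete, incomplete, current = [], [], None
    for line in text.splitlines():
        name, _, rest = line.partition(",")
        if name == "header":
            if current is not None:        # previous record never closed
                incomplete.append(current)
            f = rest.split(",")
            current = {"event": f[2], "time": f[4], "paths": []}
        elif current is None:
            continue                       # stray token outside a record
        elif name == "path":
            current["paths"].append(rest)
        elif name == "subject":            # audit user ID, then effective user
            current["audit_user"], current["euid"] = rest.split(",")[:2]
        elif name == "return":
            current["ok"] = rest.startswith("success")
        elif name == "trailer":
            complete.append(current)
            current = None
    if current is not None:
        incomplete.append(current)
    return complete, incomplete

def trail(records, audit_user):
    """Events attributed to one audit user, in log order."""
    return [(r["time"], r["event"], r["paths"], r.get("ok"))
            for r in records if r.get("audit_user") == audit_user]

if __name__ == "__main__":
    done, cut = parse_records(SAMPLE)
    for entry in trail(done, "alice"):
        print(entry)
    print("incomplete records:", len(cut))
```

The audit user ID in the `subject` token stays fixed when the effective user changes (first record: audit user `alice`, effective user `root`), which is what lets the trail attribute privileged actions to the person who logged in.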
