Audit in Kerberos
Zhanna Tsitkova
tsitkova at mit.edu
Thu Jan 21 15:04:21 EST 2010
Hello,
I would like to re-introduce the idea of extending the Kerberos
security policy by adding an Audit feature to track the activity on
the KDC side.
This would include such events, both successes and failures, as
ticket request, ticket issued/renewed, is ticket forwardable, KDC
referral activity, password modified/expired, constrained delegation
(for future) etc.
There are a few problems that must be addressed:
1. Where to store the audit info - in file or DB?
Syslog seems to be an attractive option. However, only admin
privileged users can access and interpret the log.
DB log storage suggests more flexibility when users based on
their access rights may review and analyze the accumulated log data.
The drawback here is the worsened performance and scalability.
2. What format should be used to store the messages. If the messages
are stored in the syslog they need to be suitable for db uploading.
XML or text? (XML format would result in rapid file-size growth
but, if stored remotely, may not be a problem.)
3. Make this feature pluggable.
4. Some vendors have their own in-house audit mechanisms incorporated
in the Kerberos code. Should we introduce our own daemons to
monitor, alert, interpret, archive and clean up or sanitize the
accumulated log data, or should we rely on the OS capabilities?
Any feedback, opinions and recommendations are greatly appreciated.
Thanks,
Zhanna
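As an added illustration of item 2 of the post (a message format that fits in syslog yet loads cleanly into a database), the following Python sketch is not MIT Kerberos code and not the author's proposal; the event labels, field names and sample principals are constructed for the example. It emits one key="value" line per KDC event with escaping so principals or error strings containing quotes or spaces round-trip, and it rejects malformed lines rather than importing a partial record.

```python
"""One-line structured audit records for a KDC: syslog-friendly text that
still loads cleanly into a database. Added illustration for item 2 of the
post; not MIT Kerberos code. Event and field names are constructed."""
from collections import Counter
from dataclasses import dataclass, field
from datetime import datetime, timezone
import re

# Hypothetical event labels chosen for this example.
EVENTS = {"AS_REQ", "TGS_REQ", "TICKET_ISSUED", "TICKET_RENEWED",
          "KDC_REFERRAL", "PASSWORD_MODIFIED", "PASSWORD_EXPIRED"}
FIELDS = ("ts", "event", "outcome", "client", "server", "kdc",
          "forwardable", "error")


@dataclass
class AuditEvent:
    event: str
    outcome: str                 # "success" or "failure"
    client: str                  # requesting principal
    server: str                  # service principal the ticket is for
    kdc: str                     # KDC host that handled the request
    forwardable: bool = False    # whether the issued ticket is forwardable
    error: str = ""              # failure reason; empty on success
    ts: datetime = field(default_factory=lambda: datetime.now(timezone.utc))


def _quote(value):
    """Double-quote a value, escaping backslash and quote so that principals
    or error strings containing spaces, '=' or quotes round-trip intact."""
    return '"' + str(value).replace("\\", "\\\\").replace('"', '\\"') + '"'


def format_event(ev):
    """Serialize an AuditEvent as a single key="value" line."""
    if ev.event not in EVENTS or ev.outcome not in ("success", "failure"):
        raise ValueError("unknown event or outcome")
    values = {
        "ts": ev.ts.strftime("%Y-%m-%dT%H:%M:%SZ"),
        "event": ev.event, "outcome": ev.outcome,
        "client": ev.client, "server": ev.server, "kdc": ev.kdc,
        "forwardable": "true" if ev.forwardable else "false",
        "error": ev.error,
    }
    return " ".join(f"{k}={_quote(values[k])}" for k in FIELDS)


_PAIR = r'\w+="(?:[^"\\]|\\.)*"'
_LINE = re.compile(rf"{_PAIR}(?: {_PAIR})*")
_FIELD = re.compile(r'(\w+)="((?:[^"\\]|\\.)*)"')


def parse_line(line):
    """Parse one audit line back into a dict of strings.
    Returns None for lines that are not well-formed or lack a field, so a
    DB loader can quarantine them instead of importing a partial record."""
    if not _LINE.fullmatch(line):
        return None
    rec = {k: re.sub(r"\\(.)", r"\1", v) for k, v in _FIELD.findall(line)}
    if sorted(rec) != sorted(FIELDS):
        return None
    return rec


def failures_by_client(lines):
    """Count failed requests per client principal over a batch of lines,
    skipping malformed ones: the kind of review an audit consumer runs."""
    counts = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec and rec["outcome"] == "failure":
            counts[rec["client"]] += 1
    return counts


# Constructed sample events (not real KDC output).
_T = datetime(2010, 1, 21, 20, 4, 21, tzinfo=timezone.utc)
SAMPLE_EVENTS = [
    AuditEvent("AS_REQ", "success", "alice@EXAMPLE.COM",
               "krbtgt/EXAMPLE.COM@EXAMPLE.COM", "kdc1.example.com",
               forwardable=True, ts=_T),
    AuditEvent("AS_REQ", "failure", "bob@EXAMPLE.COM",
               "krbtgt/EXAMPLE.COM@EXAMPLE.COM", "kdc1.example.com",
               error="preauthentication failed", ts=_T),
    AuditEvent("TGS_REQ", "failure", "bob@EXAMPLE.COM",
               "host/web.example.com@EXAMPLE.COM", "kdc1.example.com",
               error='server "host/web" not found', ts=_T),
]
SAMPLE_LINES = [format_event(e) for e in SAMPLE_EVENTS] + ["truncated garbage line"]

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        print(line)
    print(failures_by_client(SAMPLE_LINES))
```

Every record carries the same fixed field set, so a loader can map columns directly; a line that fails the grammar or lacks a field is returned as None so it can be set aside and reviewed rather than silently skipped or half-imported.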