Architecture (A2): SDL Activities and Best Practices
Published in James F. Ransome, Anmol, Mark S. Merkow, Practical Core Software Security, 2023
James F. Ransome, Anmol, Mark S. Merkow
Auditing and logging: Sensitive information (e.g., passwords, PII) is not logged. Access controls (e.g., ACLs) are enforced on log files to prevent unauthorized access. Integrity controls (e.g., signatures) are enforced on log files to provide nonrepudiation. Log files provide for audit trail for sensitive operations and logging of key events. Auditing and logging is enabled across the tiers on multiple servers.
Fuzzy Fault Tree Analysis for Web Access Failure under Uncertainty Using a Compensatory Operator
Published in Harish Garg, Mangey Ram, Reliability Management and Engineering, 2020
LOG files normally contain information regarding the services requested from a system, the responses provided, and the origin of the requests. The details of the server activities are logged into text files. The HTTP failures recorded in the LOG file are due to the user/client and the server. Client errors are indicated by 4xx status codes and server errors by 5xx status codes [46]. The common errors experienced by the user are code 400 (bad request), code 401 (unauthorized), code 403 (forbidden), and code 404 (not found), while for the server, code 500 (internal server error) and code 503 (service unavailable) are the frequently occurring errors [46]. The aim of this chapter is to illustrate the inter-relationship among these basic HTTP events symbolically and to indicate the physical connections in highly time-varying web processes. The fault tree is constructed to pictorially represent the propagation of all the combinations of basic events leading to web service failure and is illustrated in Figure 7.3 [46].
Advanced Flash Media Server Techniques
Published in Stefan Richter, Jan Ozer, Hands-On Guide to Flash Video, 2007
Log files are essentially text files containing information about system events, errors or simple process workflows. These events can include data about successful and failed connections, data flow, system state, bandwidth usage and a multitude of other data. Most servers and computer systems support some kind of logging mechanism and the data it produces is commonly used for troubleshooting and security analysis.
Performance Evaluation of the MapReduce-based Parallel Data Preprocessing Algorithm in Web Usage Mining with Robot Detection Approaches
Published in IETE Technical Review, 2022
Mitali Srivastava, Atul Kumar Srivastava, Rakhi Garg, P. K. Mishra
An entry is automatically recorded into the Web server log for every user when they traverse the particular website. Basically, there are four types of server logs that are created by the Web server software: error log, agent log, referrer log, and access log or transfer log. Among them, the access log is the most important type of server log, and it contains all information regarding the activities of the user. This type of server log is widely used in the Web usage mining process. The agent log and referrer log may be added to the access log to create an extended log file format [17]. Due to different setting parameters, various Web servers support different formats of log files such as NCSA Common Log Format (CLF)/Combined Log Format (ECLF), IIS Standard/Extended, Netscape Flexible, and Log Markup Language (LogML). Out of these log formats, CLF is a broadly adopted log format, and ECLF is a customized version of CLF [18]. A formalized data preprocessing problem in ECLF format is given below.
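As an added example (not taken from the excerpted article, and not the formalized preprocessing problem it refers to), the following Python code parses access-log lines in CLF and Combined (ECLF) format and tallies the 4xx client errors and 5xx server errors described in the fault-tree excerpt above. The sample lines, the addresses in them, and the names `parse_line`, `status_class` and `summarize` are constructed for illustration.

```python
import re
from collections import Counter

# A quoted field; Apache-style logs escape an embedded quote as \" so a plain
# [^"]* would cut the request short and mis-read the status code.
QUOTED = r'"((?:[^"\\]|\\.)*)"'
LINE = re.compile(
    r'(\S+) (\S+) (\S+) \[([^\]]+)\] ' + QUOTED + r' (\d{3}) (\d+|-)'
    + r'(?: ' + QUOTED + r' ' + QUOTED + r')?\s*$'   # referrer and agent: ECLF only
)
FIELDS = ("host", "ident", "user", "time", "request",
          "status", "size", "referrer", "agent")

def parse_line(line):
    """Return a dict of fields, or None when the line is not CLF/ECLF."""
    m = LINE.match(line)
    if m is None:
        return None
    rec = dict(zip(FIELDS, m.groups()))
    rec["status"] = int(rec["status"])
    rec["size"] = 0 if rec["size"] == "-" else int(rec["size"])  # "-" = no body
    return rec

def status_class(status):
    if 400 <= status <= 499:
        return "client_error"
    if 500 <= status <= 599:
        return "server_error"
    return "other"

def summarize(lines):
    """Count entries per error class and per status code; count rejects."""
    classes, by_status, malformed = Counter(), Counter(), 0
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            malformed += 1          # keep a count instead of silently dropping
            continue
        classes[status_class(rec["status"])] += 1
        by_status[rec["status"]] += 1
    return {"classes": dict(classes), "by_status": dict(by_status),
            "malformed": malformed}

# Constructed sample input (documentation address ranges, invented paths).
SAMPLE = [
    r'192.0.2.10 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 2326 "-" "Mozilla/5.0"',
    r'192.0.2.10 - alice [10/Oct/2023:13:55:40 +0000] "GET /admin HTTP/1.1" 403 199 "https://example.com/" "Mozilla/5.0"',
    r'198.51.100.7 - - [10/Oct/2023:13:56:01 +0000] "GET /missing HTTP/1.1" 404 153 "-" "ExampleBot/1.0"',
    r'198.51.100.7 - - [10/Oct/2023:13:56:05 +0000] "GET /search?q=\"x\" HTTP/1.1" 400 226 "-" "ExampleBot/1.0"',
    r'198.51.100.7 - - [10/Oct/2023:13:56:07 +0000] "POST /api HTTP/1.1" 503 0 "-" "ExampleBot/1.0"',
    r'203.0.113.5 - - [10/Oct/2023:13:56:09 +0000] "GET /old HTTP/1.0" 500 -',  # plain CLF
    'not a log line',
]
```

Counting rejected lines rather than discarding them matters during preprocessing: a sudden rise in unparseable entries is itself a signal that the log format changed or that entries were tampered with.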