Security event logging

Explanation: Provide a tamper-resistant audit trail for security-related events, such as software installation, user authentication, and so on).

Vulnerabilities addressed: Addresses accountability by providing an after-the-fact trail for forensic analysis.

Developer resources required: Requires identification of security related event types and implementation of tamper resistant, append-only security event logs.

Evaluator resources required: Requires manual review of identified security related event types and of design and implementation of logging mechanisms and security event generation mechanisms.

Source: www.computer.org