Sciweavers

Share
GI
2009
Springer

Service-oriented Event Assessment - Closing the Gap of IT Security Compliance Management

8 years 4 months ago
Service-oriented Event Assessment - Closing the Gap of IT Security Compliance Management
: Frequently, Security Monitoring is equated with network intrusion detection. However, Security Monitoring has a much broader scope. It also comprises detection of insider attacks. Since the Enron bankruptcy, monitoring of privileged access to financial data has become a legal requirement stipulated for example in the Sarbanes-Oxley Act (SOX 404). Monitoring of privileged access requires evaluation of its necessity, permission, and correctness. As a result, detection of privileged access is not sufficient and must be reviewed in its business context. Data from various sources combined with business process contexts establish a sound basis for the assessment of a privileged access. Usually, the required data is spread over different data sources within an organization offering heterogeneous interfaces of any kind. Security administrators use multiple applications and data interfaces which result in a time-consuming and error prone process. Security Monitoring is, on the contrary, all a...
Frederic Majer, Martin Nussbaumer, Dieter Riexinge
Added 17 Feb 2011
Updated 17 Feb 2011
Type Journal
Year 2009
Where GI
Authors Frederic Majer, Martin Nussbaumer, Dieter Riexinger, Volker Simon
Comments (0)
books