Title
Model-Based security event management
Abstract
With the growing size and complexity of current ICT infrastructures, it becomes increasingly challenging to gain an overview of potential security breaches. Security Information and Event Management systems, which aim at collecting, aggregating and processing security-relevant information, are therefore on the rise. However, the event model of current systems mostly describes network events and their correlation, but is not linked to a comprehensive security model, including system state, security and compliance requirements, countermeasures, and affected assets. In this paper we introduce a comprehensive semantic model for security event management. Besides the description of security incidents, the model further allows adding conditions over the system state, defining countermeasures, and linking to external security models.
Year: 2012
DOI: 10.1007/978-3-642-33704-8_16
Venue: MMM-ACNS
Keywords: comprehensive semantic model, system state, comprehensive security model, security incident, security event management, model-based security event management, external security model, potential security breach, event model, current ict infrastructure, event management system
Field: Security convergence, Security testing, Asset (computer security), Computer security, Computer science, Security service, Cloud computing security, Security information and event management, Computer security model, Security management
DocType: Conference
Citations: 3
PageRank: 0.43
References: 6
Authors: 3
Name, Order, Citations, PageRank
Julian Schütte, 1, 58, 14.61
Roland Rieke, 2, 86, 13.82
Timo Winkelvos, 3, 3, 0.43