IFIP Advances in Information and Communication Technology
 2002
DOI: 10.1007/978-0-387-35586-3_4
|View full text |Cite
|
Sign up to set email alerts
|

A Top-Down Approach Towards Translating Organizational Security Policy Directives to System Audit Configuration

Atif Ahmad
1
,
Tobias Ruighaver
2

Abstract: Abstract:There is a significant gap between the stated objectives of organizational security found in corporate security policy and the audit configuration of event logs present on IT systems. Audit configuration has always been a bottom-up process. As a result, the design and implementation of audit configurations is often constrained by the audit management interface that often models operating system structures rather than real world behavior. This paper argues for a top-down approach in the establishment o… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1

Citation Types

0
1
0

Year Published

2004
2004
2004
2004

Publication Types

Select...
1

Relationship

0
1

Authors

Journals

citations
Cited by 1 publication
(1 citation statement)
references
References 4 publications
(4 reference statements)
0
1
0
Order By: Relevance
“…A number of artifacts are therefore produced, a lot of them expressed in natural language (Schlienger and Teufel, 2002). Several researchers try to develop solutions to exploit the processing of natural language to produce formal descriptions that could be somehow materialized in system's configuration, either for policy enforcement (Michael et al, 2001), or for audit reviews (Ahmad and Ruighaver, 2002).…”
Section: The Need For Further Research and Our Approachmentioning
confidence: 99%

From risk analysis to effective security management: towards an automated approach

Tsoumas
1
,
Tryfonas2
2004
Information Management &Amp; Computer Security
13
0
4
0
View full textAdd to dashboardCite
show abstract
“…A number of artifacts are therefore produced, a lot of them expressed in natural language (Schlienger and Teufel, 2002). Several researchers try to develop solutions to exploit the processing of natural language to produce formal descriptions that could be somehow materialized in system's configuration, either for policy enforcement (Michael et al, 2001), or for audit reviews (Ahmad and Ruighaver, 2002).…”
Section: The Need For Further Research and Our Approachmentioning
confidence: 99%

From risk analysis to effective security management: towards an automated approach

Tsoumas
1
,
Tryfonas2
2004
Information Management &Amp; Computer Security
13
0
4
0
View full textAdd to dashboardCite
show abstract
scite logo

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Product
Browser ExtensionAssistant by sciteCitation Statement SearchReference CheckVisualizationsDashboardsExplore JournalsExplore OrganizationsExplore FundersEmbedding BadgeEmbedding Citation SearchPricing
Resources
BlogHelp & FAQAccessibility StatementAPI TermsFor Universities & GovernmentsFor ResearchersFor PublishersFor Corporate, Pharma & EnterpriseAuthor MarketingBecome an AffiliateGet an organization trial or quotescite Data & Services
About
News & PressCareersRead our PaperCoverage

BlogTerms and ConditionsAPI TermsPrivacy PolicyContactCookie PreferencesDo Not Sell or Share My Personal Information

Copyright © 2024 scite LLC. All rights reserved.

Made with 💙 for researchers

Part of the Research Solutions Family.