SAFECOMP'11 Proceedings of the 30th international conference on Computer safety, reliability, and security
With the growing size and complexity of current ICT infrastructures, it becomes increasingly challenging to gain an overview of potential security breaches. Security Information and Event Management systems, which aim at collecting, aggregating and processing security-relevant information, are therefore on the rise. However, the event model of current systems mostly describes network events and their correlation, but is not linked to a comprehensive security model that includes system state, security and compliance requirements, countermeasures, and affected assets. In this paper we introduce a comprehensive semantic model for security event management. Besides describing security incidents, the model allows adding conditions over the system state, defining countermeasures, and linking to external security models.