Enhancement of Internal Control by expanding Security Information Event Management System (통합 로그 관리 시스템 확장을 통한 내부 통제 강화)

임동성; KIM YONG MIN (김용민)

Enhancement of Internal Control by expanding Security Information Event Management System

Journal of The Korea Society of Computer and Information
Abbr : JKSCI
2015, 20(8), pp.35~43
Publisher : The Korean Society Of Computer And Information
Research Area : Engineering > Computer Science

임동성 ¹, KIM YONG MIN ¹

¹전남대학교

Accredited

ABSTRACT

Recently, internal information leaks is increasing rapidly by internal employees and authorized outsourcing personnel. In this paper, we propose a method to integrate internal control systems like system access control system and Digital Rights Managements and so on through expansion model of SIEM(Security Information Event Management system). this model performs a analysis step of security event link type and validation process. It develops unit scenarios to react illegal acts for personal information processing system and acts to bypass the internal security system through 5W1H view. It has a feature that derives systematic integration scenarios by integrating unit scenarios. we integrated internal control systems like access control system and Digital Rights Managements and so on through expansion model of Security Information Event Management system to defend leakage of internal information and customer information. We compared existing defense system with the case of the expansion model construction. It shows that expanding SIEM was more effectively.

KEYWORDS

Internal control system, Security Information Event Management, Scenario, Monitoring

Citation status

* References for papers published after 2023 are currently being built.

[book] Jerry Shenk / 2012 / Learning from Logs: SANS Eighth Annual 2012 Log and Event Management Survey Results / SANS : 2~3

[journal] GiHyouk Lee / 2009 / A Study on the implementation of leak prevention system through internal information leaks symptom analysis / Journal of The Korea Institute of Information Security & Cryptology 19(3) : 70~73

[other] / 2006 / NIST FIPS PUB 800-92, Guide to Computer Security Log Management : 2~32

[thesis] Jae Chan Yoo / 2012 / A Study on the Protection for Corporation Information Using Scenario Technique / SungKyunkwan University

[book] Kelly M / 2014 / Magic Quadrant for Security Information and Event Management / Gartner Group : 2~8

[journal] Donghan Kim / 2013 / SIEM Trend to the intelligent Log management platform in the Big Data Environment / National IT Industry Promotion Agency, Weekly Technology Trends : 5~8

[web] / mcafee / http://www.mcafee.com/us/resources/reports/rp-when-minutes-count.pdf

[journal] Soondeok Yu / 2013 / Security response technology in the Big Data Environment / National IT Industry Promotion Agency, Weekly Technology Trends : 9~11

[web] / EMC / http://www.emc.com/security

[web] / IBM / http://www-03.ibm.com/software/products/en/qradar-siem

[journal] Ki-Soon Yu / 2013 / Development directions and technology trends of SIEM / Journal of The Korea Institute of Information Security & Cryptology 23(6) : 91~93

[web] / Gartner / http://blogs.gartner.com/ramon-krikken/2012/05/22/siem-future-would-you-like-some-context-with-that/

[confproc] Jong-Hyun Kim / 2013 / Technical Trends of Cyber Security with Big Data / 2013 Electronics and Telecommunications Trends : 20~23

KJCKorea
Journal Central

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65