Issue No. 01 - January/February (2012 vol. 10)
ISSN: 1540-7993
pp: 55-59
Idoia Aguirre, the Multidisciplinary Innovation and Technology Center of Navarra (Cemitec)
Sergio Alonso, the Multidisciplinary Innovation and Technology Center of Navarra (Cemitec)
ABSTRACT
Many preventive security measures purport to protect networks from cyber intrusions. These adopted measures can generate a large amount of information that should be stored and analyzed to enable responses to detected attacks. Security information and event managers (SIEMs) are indispensable for collecting all of a system's security-related information in a central repository. This can then provide trend analysis and lead analysts to adopt appropriate actions. A collaborative work approach lets SIEMs of different trusted domains share alarms and their countermeasures. By sharing alarms and adopted measures in domains with similar profiles, the authors hope to enhance a global view of the security and facilitate decision making for security-domain administrators.
INDEX TERMS
computer-supported cooperative work, decision support, data sharing, security, security information and event managers, SIEM
CITATION
Idoia Aguirre, Sergio Alonso, "Improving the Automation of Security Information Management: A Collaborative Approach", IEEE Security & Privacy, vol. 10, no. 1, pp. 55-59, January/February 2012, doi:10.1109/MSP.2011.153