PRISM: A preventive and risk-reducing integrated security management model using security label |
| |
Authors: | D S Kim Y J Jung T M Chung |
| |
Affiliation: | (1) School of Information and Communication Engineering, Sungkyunkwan Univ., 300 Cheoncheon-dong, 440-746 Jangan-gu, Suwon, Gyeonggi-do, Korea;(2) National Security Research Institute (NSRI), 4F KT 62-1, Hwaam-dong Yuseoung-gu, 305-350 Daejeon, Korea;(3) School of Information and Communication Engineering, Sungkyunkwan Univ., 300 Cheoncheon-dong, 440-746 Jangan-gu, Suwon, Gyeonggi-do, Korea |
| |
Abstract: | An automated security management integrating various security systems is strongly required because cyber attacks are evolving
day after day. Moreover, the attacks are become more complex and intelligent than past. Several integrated security management
(ISM) models are supposed and implemented to meet the requirements. However, the current ISM is passive and behaves in a post-event
manner. To reduce costs and resources for managing security and to remove the possibility of an intruder succeeding in attacks,
the preventive security management technology is strongly required. This paper proposes the PRISM model that is based on tracing
important assets in a managed network and performs preventive security management before security incidents occur. Additionally,
PRISM model employs security labels to deploy differentiated security measure. The PRISM will provide concrete and effective
security management to the organization’s network. |
| |
Keywords: | security management security label ESM ISM |
本文献已被 SpringerLink 等数据库收录! |
|