Report: Security Management Convergence via SIM (Security Information Management)—A Requirements Perspective

1. Ian A. Finlay, A brief tour of the Simple Network Management Protocol, CERT Coordination Center, http://www.cert.org/archive/pdf/snmp.pdf

2. Greg Shipley, Security information management tools, Network Computing, http://www.networkcomputing.com/1307/1307f2.html, April 1, 2002.

3. Timothy J. Shimeall, Casey J. Dunlevy, and Phil Williams, Intelligence analysis for internet security: Ideas, barriers and possibilities, CERT Analysis Center, http://www.cert.org/archive/html/spie.html

4. Common Vulnerabilities and Exposures (CVE) Site, http://cve.mitre.org

5. http://www.iso.ch/iso/en/ISOOnline.frontpage

6. http://www.iso.ch/iso/en/prods-services/popstds/informationsecurity.html

7. Office of the Secretary, Department of Health and Human Services, Health Insurance Reform: Security Standards; Final Rule, Federal Register, http://edocket.access.gpo.gov/2003/pdf/03–3877.pdf, February 20, 2003.

8. Federal Trade Commission, How to comply with the privacy of consumer financial information rule of the Gramm-Leach-Bliley Act, A Guide for Small Business from the Federal Trade Commission, http://www.ftc.gov/bcp/conline/pubs/buspubs/glblong.htm

9. Helen Delaney and Rene van de Zande, Co-Editors, A Guide to EU Standards and Conformity Assessment, NIST Special Publication 951, http://ts.nist.gov/ts/htdocs/210/gsig/eu-guides/sp951/sp951.htm

Download references