Security and Reliability Requirements for Advanced Security Event Management
This paper addresses security information management in complex application scenarios. Security Information and Event Management (SIEM) systems collect and examine security-related events, with the goal of providing a unified view of the monitored systems’ security status. While various SIEMs are in production, there is scope to extend the capability and resilience of these systems. In this paper, the use of SIEM technology in four disparate scenario areas serves as a catalyst for the development and articulation of Security and Reliability requirements for advanced security event management. The scenarios relate to infrastructure management for a large real-time sporting event, a mobile money payment system, a managed services environment and a cyber-physical dam control system. The diversity of the scenarios enables elaboration of a comprehensive set of Security and Reliability requirements which can be used in the development of future SIEM systems.
Keywords: security requirements; security information and event management; SIEM; architecting trustworthy systems