Security and Reliability Requirements for Advanced Security Event Management

  • Roland Rieke
  • Luigi Coppolino
  • Andrew Hutchison
  • Elsa Prieto
  • Chrystel Gaber
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7531)

Abstract

This paper addresses security information management in complex application scenarios. Security Information and Event Management (SIEM) systems collect and examine security-related events, with the goal of providing a unified view of the monitored systems' security status. While various SIEMs are in production, there is scope to extend the capability and resilience of these systems. The use of SIEM technology in four disparate scenario areas is used in this paper as a catalyst for the development and articulation of Security and Reliability requirements for advanced security event management. The scenarios relate to infrastructure management for a large real-time sporting event, a mobile money payment system, a managed services environment and a cyber-physical dam control system. The diversity of the scenarios enables elaboration of a comprehensive set of Security and Reliability requirements which can be used in the development of future SIEM systems.

Keywords

security requirements; security information and event management; SIEM; architecting trustworthy systems



Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Roland Rieke (Fraunhofer Institute SIT, Darmstadt, Germany)
  • Luigi Coppolino (Epsilon S.r.l., Naples, Italy)
  • Andrew Hutchison (T-Systems, South Africa)
  • Elsa Prieto (Atos Research & Innovation, Spain)
  • Chrystel Gaber (Orange Labs - France Telecom, France)