Management issues in automated audit analysis
This paper discusses management issues associated with the design and implementation of an automated audit analysis system that we use to detect security events. It gives the viewpoint of a team directly responsible for developing and managing such a system. We use Los Alamos National Laboratory's Network Anomaly Detection and Intrusion Reporter (NADIR) as a case in point. We examine issues encountered at Los Alamos, detail our solutions to them, and where appropriate suggest general solutions. After providing an introduction to NADIR, we explore four general management issues: cost-benefit questions, privacy considerations, legal issues, and system integrity. Our experiences are of general interest both to security professionals and to anyone who may wish to implement a similar system. While NADIR investigates security events, the methods used and the management issues are potentially applicable to a broad range of complex systems. These include those used to audit credit card transactions, medical care payments, and procurement systems.
Year of publication: | 2008-02-12 |
---|---|
Authors: | Jackson, K.A. ; Hochberg, J.G. ; Wilhelmy, S.K. ; McClary, J.F. ; Christoph, G.G. |
Subject: | general and miscellaneous//mathematics, computing, and information science ; COMPUTER NETWORKS ; SECURITY ; MANAGEMENT ; AUTOMATION ; COST BENEFIT ANALYSIS ; AUDITS |
Similar items by subject
- Information Sharing in the Process Control Systems Forum Assessing Liability Issues. Ray Fink, (2008)
- Managing Errors to Reduce Accidents in High Consequence Networked Information Systems. Ganter, J.H., (2008)
- Managing Complex IT Security Processes with Value Based Measures. Abercrombie, Robert K, (2010)