DocumentCode
2084759
Title
Intrusion countermeasures security model based on prioritization scheme for intranet access security (emerging concepts category)
Author
Gupta, Manish ; Banerjee, Shamik ; Rao, H.R. ; Upadhyaya, Shambhu
Author_Institution
Sch. of Manage., State Univ. of New York, Buffalo, NY, USA
fYear
2003
fDate
18-20 June 2003
Firstpage
174
Lastpage
181
Abstract
Access controls and perimeter defenses are essential parts of an enterprise´s security armory. However, for a comprehensive intranet security strategy, such defenses alone may not be enough. An enterprise needs mechanisms to analyze alerts and detect real attacks, and policies on how to respond to attacks. A framework for effective response to detection of misuse or attack is a central theme. The focus is towards security of corporate intranets. We first discuss the access control models that are currently being deployed and used at most intranet solutions. Using role based access control as a base, we develop a framework of interaction of various entities in the model. We then propose a prioritization scheme based on cost of impact in case of misuse and business criticality of transactions. The scheme is developed based on categorization and prioritization of risk and vulnerability assessment results for an enterprise intranet. Alerts are a critical element of a real-time response, but how alert engines operate and filter tons of log data decides the effectiveness of such infrastructure. We propose incorporation of priority schemes into alert mechanisms to develop a more effective intrusion countermeasure against misuse and attack. It leverages the enterprise´s investment in security technology to develop an optimized solution to respond to those attacks, by advising the enterprise´s on-site administrators.
Keywords
authorisation; business communication; computer crime; intranets; risk management; access control model; alert engines; alert mechanism; business transaction; corporate intranet; enterprise intranet; enterprise security; intranet access security; intrusion countermeasures; prioritization scheme; real-time response; risk assessment; role based access control; Access control; Authorization; Computer science; Costs; Data security; Filters; Information security; Investments; Search engines; USA Councils;
fLanguage
English
Publisher
ieee
Conference_Titel
Information Assurance Workshop, 2003. IEEE Systems, Man and Cybernetics Society
Print_ISBN
0-7803-7808-3
Type
conf
DOI
10.1109/SMCSIA.2003.1232418
Filename
1232418
Link To Document