• DocumentCode
    2084759
  • Title

    Intrusion countermeasures security model based on prioritization scheme for intranet access security (emerging concepts category)

  • Author

    Gupta, Manish ; Banerjee, Shamik ; Rao, H.R. ; Upadhyaya, Shambhu

  • Author_Institution
    Sch. of Manage., State Univ. of New York, Buffalo, NY, USA
  • fYear
    2003
  • fDate
    18-20 June 2003
  • Firstpage
    174
  • Lastpage
    181
  • Abstract
    Access controls and perimeter defenses are essential parts of an enterprise´s security armory. However, for a comprehensive intranet security strategy, such defenses alone may not be enough. An enterprise needs mechanisms to analyze alerts and detect real attacks, and policies on how to respond to attacks. A framework for effective response to detection of misuse or attack is a central theme. The focus is towards security of corporate intranets. We first discuss the access control models that are currently being deployed and used at most intranet solutions. Using role based access control as a base, we develop a framework of interaction of various entities in the model. We then propose a prioritization scheme based on cost of impact in case of misuse and business criticality of transactions. The scheme is developed based on categorization and prioritization of risk and vulnerability assessment results for an enterprise intranet. Alerts are a critical element of a real-time response, but how alert engines operate and filter tons of log data decides the effectiveness of such infrastructure. We propose incorporation of priority schemes into alert mechanisms to develop a more effective intrusion countermeasure against misuse and attack. It leverages the enterprise´s investment in security technology to develop an optimized solution to respond to those attacks, by advising the enterprise´s on-site administrators.
  • Keywords
    authorisation; business communication; computer crime; intranets; risk management; access control model; alert engines; alert mechanism; business transaction; corporate intranet; enterprise intranet; enterprise security; intranet access security; intrusion countermeasures; prioritization scheme; real-time response; risk assessment; role based access control; Access control; Authorization; Computer science; Costs; Data security; Filters; Information security; Investments; Search engines; USA Councils;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Assurance Workshop, 2003. IEEE Systems, Man and Cybernetics Society
  • Print_ISBN
    0-7803-7808-3
  • Type

    conf

  • DOI
    10.1109/SMCSIA.2003.1232418
  • Filename
    1232418