Abstract
The Security Evaluation System evaluates the security of an entire enterprise network domain, which consists of various components, and supports a security manager or a security management system in making decisions about security management of the enterprise network based on that evaluation. It helps the security manager or the security management system decide how to change the configuration of the network to prevent attacks arising from the network's security vulnerabilities. The Security Evaluation System checks the “current status” of the network, predicts possible intrusions, and supports decision-making about security management to prevent those intrusions in advance. In this paper we analyze the requirements of a Security Evaluation System that automates the security evaluation of an enterprise network consisting of various components and that supports decision-making about security management to prevent intrusion, and we propose a design that satisfies these requirements.
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, J.S., Kim, S.C., Sohn, S.W. (2001). A Design of the Security Evaluation System for Decision Support in the Enterprise Network Security Management. In: Won, D. (eds) Information Security and Cryptology — ICISC 2000. ICISC 2000. Lecture Notes in Computer Science, vol 2015. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45247-8_20
DOI: https://doi.org/10.1007/3-540-45247-8_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-41782-8
Online ISBN: 978-3-540-45247-8
eBook Packages: Springer Book Archive