Towards Continuous Information Security Audit

نویسندگان

  • Dmitrijs Kozlovs
  • Kristine Cjaputa
  • Marite Kirikova
چکیده

Requirement engineering calls for continuous possibility to check whether latest changes of significant requirements are met by the target systems. This review is important because the environment of the system, if impacted by changes, may lead to new exposures. Current paper reports on knowledge gained during the attempt to move towards continuous security audit by extending one business process based security requirements identification method with the elements from audit area and the automated business process analysis method for identifying the points for the attention of audit.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Continuous Fraud Detection in Enterprise Systems through Audit Trail Analysis

Enterprise systems, real time recording and real time reporting pose new and significant challenges to the accounting and auditing professions. This includes developing methods and tools for continuous assurance and fraud detection. In this paper we propose a methodology for continuous fraud detection that exploits security audit logs, changes in master records and accounting audit trails in en...

متن کامل

Auditing cloud storage for continuous storage security

Cloud storage permits users to remotely store their knowledge and revel in the on-demand top quality cloud applications while not the burden of native hardware and software package management. Though the advantages are clear, such a service is addition relinquishing users’ physical possession of their outsourced knowledge, which necessarily poses new security risks towards the correctness of th...

متن کامل

Application of a Collaborative Filtering Recommendation Algorithm Based on Cloud Model in Intrusion Detection

Intrusion detection is a computer network system that collects information on several key points. and it gets these information from the security audit, monitoring, attack recognition and response aspects, check if there are some the behavior and signs against the network security policy. The classification of data acquisition is a key part of intrusion detection. In this article, we use the da...

متن کامل

Provide an optimal audit model to reduce fraudulent financial reporting

Fraud in financial reporting and accounting has grown significantly in recent years due to the financial crises created in companies, so that fraud has become a political and economic issue and today the legislature, the accounting profession and the causes The creation of fraud in it as well as the ways to deal with fraudulent behavior in financial statements have received special attention. T...

متن کامل

A Top-Down Approach Towards Translating Organizational Security Policy Directives to System Audit Configuration

There is a significant gap between the stated objectives of organizational security found in corporate security policy and the audit configuration of event logs present on IT systems. Audit configuration has always been a bottom-up process. As a result, the design and implementation of audit configurations is often constrained by the audit management interface that often models operating system...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2016