论文信息 - Classification of Security Operation Centers

Classification of Security Operation Centers

Security Operation Centers (SOCs) are a necessary service for organisations that want to address compliance and threat management. While there are frameworks in existence that addresses the technology aspects of these services, a holistic framework addressing processes, staffing and technology currently do not exist. Additionally, it would be useful for organizations and constituents considering building, buying or selling these services to measure the effectiveness and maturity of the provided services. In this paper, we propose a classification and rating scheme for SOC services, evaluating both the capabilities and the maturity of the services offered.

Barry Irwin | Alapan Arnab | Pierre Jacobs

[1] 日本規格協会. 情報技術-セキュリティ技術-情報セキュリティマネジメントシステム-要求事項 : 国際規格ISO/IEC 27001 = Information technology-Security techniques-Information security management systems-Requirements : ISO/IEC 27001 , 2005 .

[2] Christopher Jesse,et al. Security Operation Center Concepts & Implementation , 2002 .

[3] Andrea Pederiva. The COBIT Maturity Model in a Vendor Evaluation Case , 2004 .

[4] Diana Kelley,et al. Best Practices for Building a Security Operations Center , 2006, Inf. Secur. J. A Glob. Perspect..

[5] Michael Protz,et al. A SAS ® Framework for Network Security Intelligence , 2005 .

[6] Hossein Gharaee,et al. Log management comprehensive architecture in Security Operation Center (SOC) , 2011, 2011 International Conference on Computational Aspects of Social Networks (CASoN).

[7] Ibrahim Al-Mayahi. ISO 27001 Gap Analysis-Case Study , 2012 .

[8] Mario Sajko,et al. Measuring and Evaluating the Effectiveness of Information Security , 2012 .

[9] Jiao Song. Software Capability Maturity Model , 2004 .