Integrated user activity monitoring for regulatory services

Regulations such as FFIEC [5] and HIPAA [6] require activities of system administration to be captured and reviewed regularly. In IT service delivery environment, system maintenance activities are usually performed by the service provider whose system administrators access customer environment based on problem and change ticket being assigned.

[1]  Jeffrey M. Stanton,et al.  Analysis of end user security behaviors , 2005, Comput. Secur..

[2]  E. Eugene Schultz A framework for understanding and predicting insider attacks , 2002, Comput. Secur..

[3]  Karen Kent,et al.  Guide to Computer Security Log Management , 2006 .

[4]  T.F. Lunt,et al.  Real-time intrusion detection , 1989, Digest of Papers. COMPCON Spring 89. Thirty-Fourth IEEE Computer Society International Conference: Intellectual Leverage.