论文信息 - Research and design of security audit system for compliance

Research and design of security audit system for compliance

Security audit plays an important role in information system, but currently there are various deficiencies in the security audit systems. This paper elaborates the concept of compliance audit, and then introduces the system architecture and components of a log-based network security audit system for compliance. In the end, the detailed design of key components and technologies used are emphasized. Application results indicate that this system achieves the compliance requirements and can effectively enhance the security of the system being audited.

Chen Wang | Xiaoni Wang | Jing Liu | Dongliang Jiao

[1] Agent-Oriented Software Analysis and Design Method , 2004 .

[2] Timothy W. Finin,et al. KQML as an agent communication language , 1994, CIKM '94.

[3] Nandan Parameswaran,et al. Towards Robust and Adaptive Semantic-Based Compliance Auditing , 2007, 2007 Eleventh International IEEE EDOC Conference Workshop.

[4] Jian-Xing Li. An Object-Oriented Design Model of Software Agent , 2007 .

[5] Tian Shengfeng,et al. A Survey of Intrusion-Detection Alert Aggregation and Correlation Techniques , 2006 .

[6] Zhou Qi-feng. Research and Design Web-Based Security Audit Log System , 2009 .

[7] Tyrone Grandison,et al. Compliance with data protection laws using Hippocratic Database active enforcement and auditing , 2007, IBM Syst. J..

[8] Stefan Sackmann,et al. ExPDT: Ein Policy-basierter Ansatz zur Automatisierung von Compliance , 2008, Wirtsch..

[9] Li Jian,et al. An Object-Oriented Design Model of Software Agent , 2007 .

[10] Marwane El Kharbili,et al. Policy-Based Semantic Compliance Checking for Business Process Management , 2008, MobIS Workshops.

[11] Manfred Hauswirth,et al. A flexible and extensible security framework for Java code , 1999 .