{"title":"安全应用程序的同心监督:一种新的安全管理范式","authors":"P. Hyland, R. Sandhu","doi":"10.1109/CSAC.1998.738575","DOIUrl":null,"url":null,"abstract":"This paper questions the status quo regarding security management (SM) tools that function in an isolated, monolithic fashion. People work best by interacting with others and with their systems to see the \"big picture\" to interpret individual events. Our view of SM called concentric supervision of security applications (CSSA) is a continuous cycle of information flow. CSSA processing of status information and control of security features does not replace existing notions. It serves to enhance the existing ad hoc and segmented \"engineered\" solutions so that SM systems support \"the way people work\". We divide management functions into three phases: administration, operations, and assessment. Different skills, authority, and data are needed to perform tasks in each phase, but some information must flow for efficient and effective functionality. We give suggestions on some linkages by describing typical SM scenarios and how they might function. Parallels are drawn with related issues in network management systems and relationships to current management approaches are discussed.","PeriodicalId":426526,"journal":{"name":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","volume":"35 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1998-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Concentric supervision of security applications: a new security management paradigm\",\"authors\":\"P. Hyland, R. Sandhu\",\"doi\":\"10.1109/CSAC.1998.738575\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper questions the status quo regarding security management (SM) tools that function in an isolated, monolithic fashion. People work best by interacting with others and with their systems to see the \\\"big picture\\\" to interpret individual events. Our view of SM called concentric supervision of security applications (CSSA) is a continuous cycle of information flow. CSSA processing of status information and control of security features does not replace existing notions. It serves to enhance the existing ad hoc and segmented \\\"engineered\\\" solutions so that SM systems support \\\"the way people work\\\". We divide management functions into three phases: administration, operations, and assessment. Different skills, authority, and data are needed to perform tasks in each phase, but some information must flow for efficient and effective functionality. We give suggestions on some linkages by describing typical SM scenarios and how they might function. Parallels are drawn with related issues in network management systems and relationships to current management approaches are discussed.\",\"PeriodicalId\":426526,\"journal\":{\"name\":\"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)\",\"volume\":\"35 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1998-12-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSAC.1998.738575\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSAC.1998.738575","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Concentric supervision of security applications: a new security management paradigm
This paper questions the status quo regarding security management (SM) tools that function in an isolated, monolithic fashion. People work best by interacting with others and with their systems to see the "big picture" to interpret individual events. Our view of SM called concentric supervision of security applications (CSSA) is a continuous cycle of information flow. CSSA processing of status information and control of security features does not replace existing notions. It serves to enhance the existing ad hoc and segmented "engineered" solutions so that SM systems support "the way people work". We divide management functions into three phases: administration, operations, and assessment. Different skills, authority, and data are needed to perform tasks in each phase, but some information must flow for efficient and effective functionality. We give suggestions on some linkages by describing typical SM scenarios and how they might function. Parallels are drawn with related issues in network management systems and relationships to current management approaches are discussed.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
