Automating Information Security Policy Compliance Checking

被引:0
|
作者
Mandal, Debashis [1 ]
Mazumdar, Chandan [1 ]
机构
[1] Jadavpur Univ, Ctr Distributed Comp, Kolkata, India
来源
PROCEEDINGS OF 2018 FIFTH INTERNATIONAL CONFERENCE ON EMERGING APPLICATIONS OF INFORMATION TECHNOLOGY (EAIT) | 2018年
关键词
Compliance; Log Records; Logs; Information Security Policy; Automation;
D O I
暂无
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Information Security Policies are used for expressing the high level objectives of Security of an enterprise. The different IT assets are configured to protect the enterprise from attackers. The configured assets generate log records as description of the events happening in the system. Published literature focuses on the behavioral aspects of the users in complying with the policies. This paper presents a novel idea of checking the compliance with Information Security Policies from the log records. The paper presents a formal description of compliance and goes on to describe the representation of the different entities like Policies, Rules, Events and Logs for the automatic Compliance checker.
引用
收藏
页数:4
相关论文
共 50 条
  • [1] Information Security Policy Compliance: The Role of Information Security Awareness
    AL-Omari, Ahmad
    El-Gayar, Omar
    Deokar, Amit
    AMCIS 2012 PROCEEDINGS, 2012,
  • [2] Internalization of Information Security Policy and Information Security Practice: A Comparison with Compliance
    Park, Minjung
    Chai, Sangmi
    PROCEEDINGS OF THE 51ST ANNUAL HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES (HICSS), 2018, : 4723 - 4731
  • [3] Automating Cybersecurity Compliance in DevSecOps with Open Information Model for Security as Code
    Haverinen, Henry
    Janhunen, Tomi
    Paivarinta, Tero
    Lempinen, Sami
    Kaartinen, Suvi
    Merila, Sami
    PROCEEDINGS OF 4TH ECLIPSE SECURITY, AI, ARCHITECTURE AND MODELLING CONFERENCE ON DATA SPACES, ESAAM 2024, 2024, : 93 - 102
  • [4] Information security policy compliance model in organizations
    Safa, Nader Sohrabi
    Von Solms, Rossouw
    Furnell, Steven
    COMPUTERS & SECURITY, 2016, 56 : 70 - 82
  • [5] Information Security Policy Compliance: Leadership and Trust
    Paliszkiewicz, Joanna
    JOURNAL OF COMPUTER INFORMATION SYSTEMS, 2019, 59 (03) : 211 - 217
  • [6] Issues and Trends in Information Security Policy Compliance
    Bhaharin, Surayahani Hasnul
    Mokhtar, Umi Asma
    Sulaiman, Rossilawati
    Yusof, Maryati Mohd
    2019 6TH INTERNATIONAL CONFERENCE ON RESEARCH AND INNOVATION IN INFORMATION SYSTEMS: EMPOWERING DIGITAL INNOVATION (ICRIIS 2019), 2019,
  • [7] Predictors of Success in Information Security Policy Compliance
    Nord, Jeretta
    Sargent, Carol Springer
    Koohang, Alex
    Marotta, Angelica
    JOURNAL OF COMPUTER INFORMATION SYSTEMS, 2022, 62 (04) : 863 - 873
  • [8] Behavioral Approach to Information Security Policy Compliance
    Mady, Ashraf
    Gupta, Saurabh
    AMCIS 2017 PROCEEDINGS, 2017,
  • [9] The role of norms in information security policy compliance
    Wiafe, Isaac
    Koranteng, Felix Nti
    Wiafe, Abigail
    Obeng, Emmanuel Nyarko
    Yaokumah, Winfred
    INFORMATION AND COMPUTER SECURITY, 2020, 28 (05) : 743 - 761
  • [10] Psychological Capital and Information Security Policy Compliance
    Zhao, Jiaqing
    Hong, Yuxiang
    Chen, Wenqing
    Chen, Chouyong
    JOURNAL OF COMPUTER INFORMATION SYSTEMS, 2024,
12345