
Security - News



04 / 2006
Selected for you by: TR - Tomáš Rosa, JP - Jaroslav Pinkava, PV - Pavel Vondruška, VK - Vlastimil Klíma

NIST - SP 800-92, Guide to Computer Security Log Management.

Many logs within an organization may contain records related to computer security events. Organizations are facing larger quantities, volumes, and varieties of computer security logs, and also need to address requirements to analyze and retain certain logs to comply with Federal legislation and regulations, including FISMA, HIPAA, the Sarbanes-Oxley Act of 2002, and the Gramm-Leach-Bliley Act. As a result, many organizations have a greater need for computer security log management--the process for generating, transmitting, storing, analyzing, and disposing of computer security log data. Log management assists in ensuring that computer security records are stored in sufficient detail for an appropriate period of time.
This document provides detailed information on developing, implementing, and maintaining effective log management practices throughout an enterprise. It includes guidance on establishing a centralized log management infrastructure, which includes hardware, software, networks, and media. It also discusses the log management processes that should be put in place at an organization-wide level, including the definition of roles and responsibilities, the creation of feasible logging policies, and the division of responsibilities between system-level and organization-level administrators. Guidance is also provided on log management at the individual system level, such as configuring log generating sources, supporting logging operations, performing log data analysis, and managing long-term data storage.
Source: http://csrc.ncsl.nist.gov/publications/drafts/DRAFT-SP800-92.pdf
Author: JP
