Implementation and improvement of the information safety console - OSSIM: a university-company collaboration experience
DOI: https://doi.org/10.26507/rei.v3n6.63
Keywords: Information security, physical security, security consoles, OSSIM, alert correlation
Abstract
Security management consoles are today among the most widely deployed tools for managing information security in the enterprise. This article summarizes the work done by our research group to implement a series of improvements to the OSSIM security console, aimed at meeting the needs of the Colombian market. The improvements include an interface to physical security devices, a software module for the automatic creation of correlation rules, and a significant enhancement of the reliability of information capture in highly congested networks.
References
AlarmReceiver (2008). Asterisk Alarmreceiver – SIA (Ademco) Contact ID Alarm Receiver Application. Retrieved 5 September 2008 from: http://www.voip-info.org/wiki/index.php?page=Asterisk+cmd+AlarmReceiver
Asterisk (2008). The Open Source PBX & Telephony Platform. Retrieved 5 September 2008 from: http://www.asterisk.org
Axis (2008). Axis Communications. Video Motion Detection (VMD). Retrieved 5 September 2008 from: http://www.axis.com/products/video/about_networkvideo/vmd.htm
Benvenuti, Christian (2006). Understanding Linux Network Internals. O'Reilly, USA. Chapter 10: Frame Reception, pp. 210-238.
Carracedo, G. Justo (2004). Seguridad en redes Telemáticas. McGraw-Hill, Spain. Chapter 1, pp. 1-32.
Casal, Julio (2008). OSSIM: General Description Guide. Retrieved 5 September 2008 from: http://www.ossim.net/dokuwiki/doku.php?id=documentation:general_description
Congreso Estados Unidos (2002). United States Congress. Sarbanes-Oxley Act of 2002. Retrieved 5 September 2008 from: http://news.findlaw.com/hdocs/docs/gwbush/sarbanesoxley072302.pdf
ISO 17799 (2005). International Standards Organization (ISO). Information technology – Security techniques – Code of practice for information security management (ISO/IEC 17799:2005 standard), 115 pp.
ISO 27001 (2005). International Standards Organization (ISO). Information technology – Security techniques – Information security management systems – Requirements (ISO/IEC 27001:2005 standard), 34 pp.
Julisch, Klaus (2003). Clustering Intrusion Detection Alarms to Support Root Cause Analysis. ACM Transactions on Information and System Security, Vol. 6, No. 4, November, pp. 443-471.
Ntop (2008). Retrieved 5 September 2008 from: http://www.ntop.org
OSSIM (2008). Open System Security Information Management. Retrieved 5 September 2008 from: http://www.ossim.net
Ossim Agent (2008). OSSIM: Agent Documentation. Retrieved 5 September 2008 from: http://www.ossim.net/dokuwiki/doku.php?id=documentation:agent#plugins
Pfring (2008). PF-RING overview. Retrieved 4 October 2008 from: http://www.ntop.org/PF_RING.html
SIA (1999). Security Industry Association. Digital Communication Standard – Ademco (r) Contact ID Protocol – for Alarm System Communications. Retrieved 5 September 2008 from: http://www.smartelectron.ru/files/DC-05_Contact_ID.pdf
Snort (2008). The de facto standard for intrusion detection / prevention. Retrieved 5 September 2008 from: http://www.snort.org
Unión Europea (2000). Data protection in the European Union. Retrieved 5 September 2008 from: http://ec.europa.eu/justice_home/fsj/privacy/docs/guide/guide-spain_es.pdf
Zone Minder (2008). Linux Home CCTV and Video Camera Security with Motion. Retrieved 5 September 2008 from: http://www.zoneminder.com/
License
Total or partial reproduction of the documents published in the journal is authorized only when the source and author are cited.