期刊文献+

面向业务日志的数据安全审计 被引量:2

原文传递
导出
摘要 目前,大量的信息系统都存在内部人员行为安全问题,针对电力营销系统中的用户可能会进行一些与业务无关的数据操作,本文提出一种结合业务功能范围的数据安全审计方法。通过对用户日志进行综合分析,挖掘数据与业务的关联,提取用户的行为模式,生成审计规则,进而检测异常操作,发掘系统安全隐患。
出处 《网络安全技术与应用》 2018年第9期71-72,共2页 Network Security Technology & Application
  • 相关文献

参考文献7

二级参考文献49

  • 1张相锋,孙玉芳,赵庆松.基于系统调用子集的入侵检测[J].电子学报,2004,32(8):1338-1341. 被引量:10
  • 2Helman P, Liepins G. Statistical foundations of audit trail analysis for the detection of computer misuse. IEEE Trans. on Software Engineering, 1993,19(9):886-901.
  • 3Biskup J, Flegel U. Transaction-Based pseudonyms in audit data for privacy respecting intrusion detection. LNCS 1907, Berlin:Springer-Verlag, 2000.28-48.
  • 4Sandhu R, Chen F. The multilevel relational (MLR) data model. ACM Trans. on Information and System Security, 1998,1(1):93-132.
  • 5Lunt TF, Denning DE, Schell RR, Heckman M, Shockley WR. The SeaView security model. IEEE Trans. on Software Engineering,1990,16(6):593 -607.
  • 6National Computer Security Center. A guide to understanding security modeling in trusted systems. Technical Report,NCSC-TG-010, National Computer Security Center, 1992.
  • 7Jajodia S, Samarati P, Subrahmanian VS. A logical language for expressing authorizations. In: Proc. of the 1997 IEEE Symp. on Security and Privacy. Los Alamitos: IEEE Computer Society Press, 1997.31-42.
  • 8Bertino E, Bettini C, Ferrari E, Samarati P. An access control model supporting periodicity constraints and temporal reasoning.ACM Trans. on Database Systems (TODS), 1998,23(3):231-285.
  • 9National Computer Security Center. A guide to understanding covert channel analysis of trusted systems. Technical Report,NCSC-TG-030, National Computer Security Center, 1993.
  • 10DE BL, LaPadula LJ. Secure computer systems: Unified exposition and multics interpretation. Technical Report, MTR-2997,Bedford: MITRE Corporation, 1976.

共引文献115

同被引文献10

引证文献2

二级引证文献4

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部