Abstract. The threat of cyber-attacks is growing, as several negative security news items and reports show [8]. Today there are many security components (e.g. anti-virus systems, firewalls, and IDS) available to protect enterprise networks; unfortunately, they work independently of each other, in isolation. But many attacks can only be recognized if logs and events of different security components are combined and correlated with each other. Existing specifications of the Trusted Computing Group (TCG) already provide a standardized protocol for metadata collection and exchange named IF-MAP. This protocol is very useful for network security applications and for the correlation of different metadata in one common database. That in turn makes it very suitable for Security Information and Event Management (SIEM) systems. In this paper we present a SIEM architecture developed during a research project called SIMU. Additionally, we introduce a new kind of metadata that can be helpful for domains that are not covered by the existing TCG specifications. Therefore, a metadata model with unique data types has been designed for higher flexibility.
Introduction. Security Information and Event Management (SIEM) systems are seen as an important security component of company networks and IT infrastructures. These systems make it possible to consolidate and evaluate messages and alerts of individual components of an IT system. At the same time, messages of specialized security systems (firewall logs, VPN gateways, etc.) can be taken into account. However, practice has shown that these SIEM systems are extremely complex and only operable with large personnel effort. SIEM systems are often installed but then neglected in continuing operation.
Abstract. An ever-increasing amount of functionality is incorporated into mobile phones; this trend will continue as new mobile phone platforms such as the iPhone or Android are more widely used. Along with this trend, however, new risks arise, especially for enterprises using mobile phones for security-critical applications such as business intelligence (BI). Although platforms like Android have implemented sophisticated security mechanisms, security holes have been reported [9]. In addition, different stakeholders, such as different enterprises, service providers, operators, or manufacturers, have access to mobile phones. In order to protect security-critical business applications, a trustworthy mobile phone platform is needed. Starting with typical attack scenarios, we describe a security architecture for Android mobile phones based on the concepts of Trusted Computing. In particular, this architecture allows for a dynamic policy change to reflect the current environment the phone is being used in.
To meet future challenges of energy grids, secure communication between the control systems involved is necessary. Therefore the German Federal Office for Information Security (BSI) has published security standards concerning a central communication unit for energy grids called the Smart Meter Gateway (SMGW). The present security concept of the SPIDER project takes these standards into consideration but extends their level of information security by integrating elements from the Trusted Computing approach. Additionally, a tamper-resistant grid is integrated with chosen hardware modules and a trustworthy boot process is applied. To continually measure the integrity of the SMGW and smart meter (SM), the Trusted Network Connect (TNC) approach from the Trusted Computing Group (TCG) is used. In this way a Trusted Core Network (TCN) can be established to protect the smart grid components against IT-based attacks. That is necessary especially where wireless connections are used between the SMGW and smart meter components.