Abstract
Enterprises use security equipments in order to protect their information assets from various attacks such as viruses and hacking. However, such individual equipments hardly provide enterprise level integrated security. Recently, there has been a great need in small/medium businesses to purchase such integrated security services in a cost effective way by means of an ASP solution. We propose the architecture of a web-based enterprise security manager that can be used as an ASP solution. To the best of our knowledge, it is the first such system that provides integrated security management services through the web. We conducted experiments on our prototype system, and showed that it could handle 30 million logs per day, and serve 300 concurrent web users with 20 transactions per session. This system is now running as a commercial application service at KT Bizmeka, which is one of the largest Korean ASPs.
This work was supported by the KT Information Security Business Unit.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Caralli, R.A., Wilson, W.R., William: The Challenges of Security Management, CERT (Computer Emergency Response Team) White Paper (2004)
Enterprise Security Management: Managing Complexity, Contributed by Intellitactics, Inc., http://www.bizforum.org/whitepapers/intellitactics-2.htm
Browning, J.A., Anderson, R.P.: Adoption of Web Enablement Can Improve SMB Business, Gartner, http://i.b5z.net/i/u/1430061/i/Gartner_Research_-_Web_SMB.pdf
McCarthy, L.: Intranet Security: Stories from the Trenches. Sun Microsystems Press
Bass, T.: Intrusion Detection Systems and Multi-sensor Data Fusion. Communications of the ACM (2000)
Symantec ESM, http://enterprisesecurity.symantec.com/products/products.cfm
IBM Tivoli, http://www-306.ibm.com/software/tivoli/
ArcSight ESM, http://www.arcsight.com/whitepapers.htm
HP OpenView & Security Management, http://www.managementsoftware.hp.com/news/ovsecurity.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lim, Y., Kim, M., Seo, K.H., Moon, H.K., Choe, J.G., Kang, Y. (2006). An Enterprise Security Management System as a Web-Based Application Service for Small/Medium Businesses. In: Lipmaa, H., Yung, M., Lin, D. (eds) Information Security and Cryptology. Inscrypt 2006. Lecture Notes in Computer Science, vol 4318. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11937807_22
Download citation
DOI: https://doi.org/10.1007/11937807_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-49608-3
Online ISBN: 978-3-540-49610-6
eBook Packages: Computer ScienceComputer Science (R0)