SIEM-SC initial assessments: Towards a Sustainable and Compliant proposal for Security Information and Event Management

SIEM-SC initial assessments: Towards a Sustainable and Compliant proposal for Security Information and Event Management

연구 분야: Safety

학회: International Journal of Information Security

Currently, security is increasingly important within business information systems. In addition, aspects such as sustainability and energy consumption associated with security controls are becoming increasingly relevant. Therefore, it is important to be able to ensure that the controls are not only met safe, but also sustainable. This paper presents a proposal called SIEM-SC (System Information and Event Management - Secure compliance) for the construction of a model that allows guaranteeing privacy in the events obtained by a SIEM system, analysing this model not only from the point of view of privacy preservation, but also from the point of view of sustainability. The development has been carried out, analysing the private information contained in different tracelogs obtained through a SIEM system and previously performing a formalisation of the datasets used, which has subsequently allowed a systematised analysis of the consumption of resources in different dimensions. NIST 800-53 and ISO 27002 are contrasted against SIEM-SC to highlight the domains and controls covered by this novel proposal. In conclusion, an additional security layer is required to guarantee the privacy of personal data. This security layer has relevant costs in the consumption of resources depending on whether it is implemented in one way or another. This document also includes future proposals based on the findings and errors in the process.