مرکز منطقه ای اطلاع رساني علوم و فناوري - Automated Audit of Compliance and Security Controls

DocumentCode :

1923621

Title :

Automated Audit of Compliance and Security Controls

Author :

Koschorreck, Gerhard

Author_Institution :

UPW ProjectServices GmbH, Bensheim, Germany

fYear :

2011

fDate :

10-12 May 2011

Firstpage :

137

Lastpage :

148

Abstract :

This paper gives an overview of the existing standards to describe security content. We discuss the challenges security organizations are facing and present approaches for automation of security checks. The OVAL and XCCDF languages are examined in greater detail and an example for their use is given. We describe use cases for these languages and explain the benefits of their deployment.

Keywords :

XML; security of data; OVAL; XCCDF; automated audit; compliance; security checks; security controls; Guidelines; Humans; Information security; Organizations; Software; Standards organizations; OCIL; OVAL; XCCDF; automated audit; security control;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

IT Security Incident Management and IT Forensics (IMF), 2011 Sixth International Conference on

Conference_Location :

Stuttgart

Print_ISBN :

978-1-4577-0146-7

Type :

conf

DOI :

10.1109/IMF.2011.12

Filename :

5931118

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=1923621