首页> 美国政府科技报告 >Cloud Service Provider Methods for Managing Insider Threats: Analysis Phase 2, Expanded Analysis and Recommendations.

【24h】

Cloud Service Provider Methods for Managing Insider Threats: Analysis Phase 2, Expanded Analysis and Recommendations.

机译：用于管理内部威胁的云服务提供商方法：分析阶段2，扩展分析和建议。

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Throughout the third quarter of 2013, researchers in the CERT (registered trademark) Insider Threat Center, part of the Carnegie Mellon Software Engineering Institute, contacted commercial and government cloud service providers (CSPs) to better understand the administrative and technical risks posed by CSP insiders and the countermeasures that CSPs are considering and deploying to identify and mitigate insider attacks. Based on the insights obtained from participating CSPs, CERT researchers have examined how existing CSP insider threat management practices may be improved. Researchers also examined the CERT Division's Insider Threat Assessment workbooks to identify some data types useful for CSP security information and event management (SIEM) systems, specifically for mitigating insider threats. A table listing those identified data sources may be of use for CSPs adding logging, analysis, and alerts to their SIEM systems. This report contains observations obtained from interview and survey responses of participating CSP personnel, considerations for improving insider threat mitigation processes, and current challenges within the CSP community as observed by the Insider Threat Center team.

著录项

作者
Flynn, L.; Porter, G.; DiFatta, C.;
展开▼
作者单位

展开▼
年度 2014
页码 1-45
总页数 45
原文格式 PDF
正文语种 eng
中图分类工业技术;
关键词
Cloud computing; Computer access control; Computer network security; Information security; Management planning and control; Risk management; Threats; Data storage systems; Monitoring; Observation; Policies; Risk analysis; Surveys; Threat evaluation; Insider threat mana;

机译：云计算;计算机访问控制;计算机网络安全;信息安全;管理规划与控制;风险管理;威胁;数据存储系统;监控;观察;政策;风险分析;调查;威胁评估;内部威胁法力;

相似文献

外文文献
中文文献
专利

1. Hybrid Approach for Sentiment Analysis of Twitter Posts Using a Dictionary-based Approach and Fuzzy Logic Methods: Study Case on Cloud Service Providers [J] . Alharbi Jamilah Rabeh, Alhalabi Wadee S. International journal on Semantic Web and information systems . 2020,第1期

机译：使用基于字典的方法和模糊逻辑方法的Twitter Posts情感分析的混合方法：云服务提供商研究案例
2. Analysis of a cloud migration framework for offline risk assessment of cloud service providers [J] . Sen Amartya, Madria Sanjay Software, practice & experience . 2020,第6期

机译：云服务提供商离线风险评估的云移位框架分析
3. Analysis of a cloud migration framework for offline risk assessment of cloud service providers [J] . Quantum electronics . 2020,第6期

机译：云服务提供商离线风险评估云迁移框架分析
4. Digital Forensic in Cloud: Critical Analysis of Threats and Security in IaaS, SaaS and PaaS and Role of Cloud Service Providers [C] . Sulabha Patil, Raiiv Dharaskar, Vilas Thakare International Conference on Computing, Communication, Control and Automation . 2017

机译：云中的数字取证：IaaS，SaaS和PaaS中的威胁和安全性以及云服务提供商的作用的关键分析
5. Understanding the organization of managed service providers: An analysis of customer satisfaction and contracting in markets for hosted IT services. [D] . Susarla, Anjana. 2003

机译：了解托管服务提供商的组织：托管IT服务的客户满意度和市场签约分析。
6. Bringing numerous methods for expression and promoter analysis to a public cloud computing service [O] . Krzysztof Polański, Bo Gao, Sam A Mason, -1

机译：将多种表达和启动子分析方法引入公共云计算服务
7. CLOUD-BASED SECURITY THREATS WITH PRESENT CHALLENGES AND OPPORTUNITIES FOR MANAGED SERVICE PROVIDERS (MSPs) [O] . Bhaskar Kamal Baishya 2015

机译：基于云的安全威胁，对管理服务提供商（msp）存在挑战和机遇

Cloud Service Provider Methods for Managing Insider Threats: Analysis Phase 2, Expanded Analysis and Recommendations.

摘要

著录项

相似文献

相关主题

期刊订阅