Abstract
The implementation of information security for governmental institutions is regulated by laws, which specify the development of complex regulation environment and implementation of information security solutions. The implementing regulation emphasizes the minimal user access rights principle, which means employees should be provided with necessary and sufficient rights to do their jobs, prescribes the implementation of a control system which limits user activities to the execution of their tasks, requires security analysis of information systems' log files of organizations handling large volume of personal data. Considering that the weakest point is the user, the most important aspect of log file processing is user activity analysis, building user profiles, identifying unusual events based on these and analyse them based on the data available about users for the organization. The paper discusses the goal, role, possibility, the importance and limitations of building user profiles instantly by analysing log files, considering efficiency, and all-inclusiveness with minimization of false alarms and administration tasks based on information available electronically about employees. By the end of the paper a cost-effective model is presented for automated user activity and profile analysis.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
