Abstract

Nowadays, Security Information and Event Management (SIEM) is very important in software. SIEM stores and monitors events in software, and unauthorized access to logs can lead to security threats such as information leakage and violation of confidentiality. In this paper, a novel method is suggested for secure and integrated access control in SIEM. First, the key points where the SIEM accesses information within the software are specified, and integrated access control policies are developed for them. Accordingly, the threats to the access control module embedded in this system are carefully detected. By applying the proposed method, it is possible to provide a secure and integrated access control module for SIEM, and the security of the access control module in these systems increases significantly. The method is implemented in three stages: requirements analysis for the establishment of a secure SIEM system, secure architectural design, and secure coding. The access control module is designed to create a secure SIEM, and the test tool module is designed for evaluating the access control module's vulnerabilities. Also, to evaluate the proposed method, a dataset with ten thousand records is considered, and the accuracy is calculated. The outcomes show that the accuracy of the proposed method is significantly improved. The results of this paper can be used for designing an integrated and secure access control system in SIEM systems.

Highlights

  • The ever-increasing expansion of software as a major element in everyday activities and the high cost of program failure have led to the emergence of tools for evaluating software.

  • Suitable security measures are taken on software [6], but neglecting the security of the Security Information and Event Management (SIEM) system undermines all the security measures of the software, because SIEM systems have access to all events within the software.

  • This study proposes an approach not for creating the SIEM system for software, but for applying a proper and integrated access control module in these systems based on new standards and access control models [8, 9, 10].

Summary

1- Introduction

The ever-increasing expansion of software as a major element in everyday activities and the high cost of program failure have led to the emergence of tools for evaluating software. SIEM systems sit alongside the software and monitor all the events happening in it [4, 5]. These systems have access to all of the information in the programs, and they are a complete repository of all the events that occur in software. Failure to pay attention to threats against the access control module can cause malicious and irreparable damage to software and SIEM systems [7]. All key points in SIEM that require access to information for generating, storing, analyzing, and monitoring security events are specified, and access control is carefully applied at all of these points. All threats to the access control module are identified, and solutions are suggested to reduce these threats.

2- Related Works
Log Analysis
Log Monitoring
Key points for access control in the log storage block
Permissions 21
4-2- Evaluation
Result
5- Conclusion