PRO+ Premium Content/Information Security

Thank you for joining!
Access your Pro+ Content below.
September 2003

Security information sharing: Can we share data on live Internet attacks?

Two draft IDS information exchange standards could move closer to widespread acceptance if they pass muster within the new Cyber Security Information Sharing Project (CSISP), which is scheduled to launch later this year. CSISP is a joint venture of Carnegie Mellon University's CERT Coordination Center, security event management vendor ArcSight and three yet-to-be-determined universities to exchange real-time infosecurity data for analysis. Each school will install ArcSight's Distributed Security Architecture software, which will be used to report events directly to CERT/CC for consolidation and analysis. In theory, CERT will be able to produce global security threat reports and forecast events. CSISP will incorporate two IETF draft standards that allow diverse IDSes to share data on attacks in progress. The better known is the Intrusion Detection Message Ex-change Format (IDMEF), which defines data formats and exchange procedures of interest to IDSes and response systems. Incident Object Description and Exchange Format (IODEF) ...

Access this PRO+ Content for Free!

Features in this issue

Columns in this issue