|
URL:
No
specific
There
are no authoritative technologies that are available today. However, the
closest is the Communication in the Common Intrusion Detection Framework
(CDIF). The developing specification is available from:
http://gost.isi.edu/cidf/drafts/communication.txt
The
following are key attributes of an integrated intrusion detection
technology/framework:
· A detection
framework must be able to communicate over the wire in a standardized manner.
· An intrusion
detection technology must be able to securely contact the proper peer
components.
There must be a mechanism to locate peer components in a secure manner.
There must be a mechanism for verifying each partner’s authenticity and access
privileges.
· Additionally, an
intrusion detection technology should integrate with the audit
framework/technology.
Keywords:
|
