|
SIEM tools produce reports instantaneously when they run on a machine. For a detailed analysis of security assessment, the history of events and related data needs to be captured in such a manner that data integrity is maintained forever. Hence, we need a technology that maintains data provenance in a tamper-proof and time-stamped manner so that the security framework is assured of data integrity at any time. Moreover, such a provision will help SIEM tools produce more effective reports when data analytics components are integrated for fine-grained analysis. Apart from the above, there should be a mechanism with which one can see to what extent the underlying security policy is conformed to, and its current severity level to indicate a perceived threat.
If unique state replication of data provenance is ensured at the premises of the service provider and other stakeholders, then compliance with the organization's security policy framework can be provided as a Software Service with continuous monitoring capabilities in a decentralized manner.
Blockchain is a technology that provides consensus-based unique state replication across multiple nodes and tamper-proof storage of data for ensuring data integrity and data provenance, along with secured and authentic transaction capability when deployed as a permissioned network.
Integrating Blockchain capabilities and SIEM features into a solution makes the security assurance systems a robust and effective mechanism to safeguard the organization's interest. |
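
The two properties described above, tamper-evident time-stamped storage and a single replicated state, can be seen in a small hash-chained event ledger. This is an added example, not code from the described solution: a plain SHA-256 hash chain and a head-hash comparison stand in for a permissioned blockchain and its consensus, and all function names and sample events are constructed for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed anchor value for the first record

# Constructed sample SIEM events: (timestamp, event)
SAMPLE_EVENTS = [
    ("2024-01-01T10:00:00Z", {"src": "fw01", "msg": "deny tcp 10.0.0.5 -> 10.0.0.9:22"}),
    ("2024-01-01T10:00:07Z", {"src": "ad01", "msg": "login failed user=svc_backup"}),
    ("2024-01-01T10:00:09Z", {"src": "ad01", "msg": "account locked user=svc_backup"}),
]

def digest(prev_hash, ts, event):
    # Canonical JSON so every replica hashes identical bytes.
    body = json.dumps({"prev": prev_hash, "ts": ts, "event": event},
                      sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(body.encode()).hexdigest()

def append(ledger, ts, event):
    """Append a time-stamped event, linking it to the previous record's hash."""
    prev_hash = ledger[-1]["hash"] if ledger else GENESIS
    ledger.append({"prev": prev_hash, "ts": ts, "event": event,
                   "hash": digest(prev_hash, ts, event)})

def build(events):
    ledger = []
    for ts, event in events:
        append(ledger, ts, event)
    return ledger

def first_bad_record(ledger):
    """Return the index of the first record that breaks the chain, or None."""
    prev_hash = GENESIS
    for i, rec in enumerate(ledger):
        expected = digest(rec["prev"], rec["ts"], rec["event"])
        if rec["prev"] != prev_hash or rec["hash"] != expected:
            return i
        prev_hash = rec["hash"]
    return None

def replicas_agree(*ledgers):
    """Unique state: every replica is valid and all end on the same head hash."""
    if any(first_bad_record(l) is not None for l in ledgers):
        return False
    return len({l[-1]["hash"] if l else GENESIS for l in ledgers}) == 1

def rewrite_history(ledger, index, new_event):
    """Simulate one party editing a record and recomputing every later hash."""
    return build([(r["ts"], new_event if i == index else r["event"])
                  for i, r in enumerate(ledger)])
```

An in-place edit is caught by `first_bad_record` on the edited copy alone; a fully recomputed chain passes that check and is only exposed by `replicas_agree` against a copy held by another stakeholder, which is why the replication matters.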