Network,Database, and System Log Data Management:The What,Wh...
ۼ 2008-12-02
ȸ : 11,491
By Dr.Anton Chuvakin, Computer Technology Review
, ö̾, ̽ ٷ ݿ Ʈũ 丮 ý յǰ Ȯ尡 α ÷ ߿伺 ϰִ.
:Logs
ֱٿ, 鿡 ְ 켱 Ʈ Ͽ. ε巯 ұϰ, Ʈũ ýۿ ϴ ͵ ؿԴ. , CIO IT ڵ ̰-α - ϴ ȿ ִٴ ϰ ִ.
ڿ ý۵ α · Ȱ . α״ ȭ, , , Ŭ̾Ʈ OS, ͺ̽, Ͻ ø̼ǰ IT ҵ鿡 ӵ Ǿ. , α ̰ ǰ, , Ȱ ý ̽ ϰ ذϴ 뼺 ұϰ ƹ װ͵ ʴ´.
α ϴ ܺ Ӹ ƴ϶ ο ó ʴ κ Ͻ ȣϴµ ̴. Ҹ ִ ǵ Ǵ ߸ Ƶ ƮϿ ս̴ ο Ѵ. ϰԵ, α ϴ Ϲ ֿ켱̶ ٴ IT ڵ ϻ μ ִ. ̷ ν α ǹȭѴٴ ǿ ұϰ ӵǰ ִ.
ٷ , Ͻ ü ȸ ݿ پ ҽκ α 100% ĸó ִ α ַ äؾ Ѵ. , α ϴ ̴. κ ġ ϴ α ϰ мϰ װͿ ϴ Ϳ ִ.
:Ͻ ս, . ö̾ ؼ
츮 α ַ Ѹ ؾ Ѵ. α ϳ Ѵ: ö̾, IT .
Ѿ, α Ͻ Ű ݿ Ǿ ִ. , α Identity Management(IdM) Business Process Management (BPM) ٽ Ѵ. IdM , α ʹ ڵ н ȣ ϴ Ϳ Ӹ ƴ϶ ο ID Ǿ, װ͵ Ǵ, װ͵ Ǵ Ÿ. α ī ϴ Ͻ μ , ȭν BPM ų ִ.
ö̾ α ڸ Ʈũ ͺ̽ ȣϱ ֿ ̴. PCI DSS ſī , ŷ, پ ΰ ϱ ſī ȸ鿡 ߵǾ. PCI 20 䱸 Ǵµ ϳ Requirements 10 α α (ٸ 䱸鵵 α ϰ ִ) ٷ ִ. 䱸 Ͽ, ý Ʈ α Ǿ ϰ, α ý ؾ Ѵ. PCI-DSS α Ἲ ϰ α ʰ ϴ å ؾ Ѵ١ ϰ ִ.
α ý ġϵ 䱸ϴ ٸ ǥص鿡 Ƿ ð踦 HIPAA, FISMA Ͽ ٸ ͵ Ѵ. ̵ 쿡, α ȣϵ 䱸ϰ ٽ Ǿ.
: α Ʈũ, ͺ̽ ϶
ڸ, ü IT Ȱ û , ֱ پ α 䱸 ʿ䰡 ִ. ̷ ǥ ϴ ܼ α ̻ Ѵ. IT ý α ϰ ϵ ϴ Ϳ Ͽ, ǽð α м α ð ˻ ؾ Ѵ.
̷ ϴ ǿ α ÷ ġϴ ̴. Ư , α ٷ , ð Ҹ̸, 뵿 ̴; ̰ α ɼ Ұϰ Ǵ 翬 ̴.
ϰ, ö̾ µ ǥ , 谨 ° ߺ ȴ. Ǹ Źͽ ö̾ ӿ ϵ ´.
α ַ ߿, پ α ҽ鿡 ߾ȭ α ְ ղ. ϱ?
α ̷ : ϸ õ Ʈ α 䰡 ڵ. ٹ ұԸ Ǵ ٸ ġκ û α , ȿ̰ ϸ ſ δ. Ͱ ٸ context ߰ ǰ , Ϳ Ÿ 鿡 ȸ ̹ ִ ջ غ ִ.
, ߾ӽ α Ͽ콺 ٸ α context Ǵ ̱ ҽκ α Ȳ νķ(situational awareness) ϴµ ̴ ȸϻ IT ٸ ϴµ ʼ̴. , , Ŵ ߴ Ǵϱ Ǿ ϴµ, ̴ ǽ ý۵(װ͵ Ǿ ִ ٸ ý۵)κ α ǹѴ. ҽκ α Ͽ Բ װ͵ ϴ Ͱ α ϴ ϳ query Ͽ 並 ħػǵ鿡 ߴ ð .
ϻ , ߾ӽ α ý۵鿡 ذ ̽ Ͻ ý۵ ƿ츣 high-level Ʈ Ʈ 绡 óϵ Ѵ. ΰ, Ʈ ϳ ư Ŭ õ ý۰ڰ Լ ְ α å, ö̾ Ʈ ִٴ ǹѴ.
, α ö̾ ų Ӹ ƴ϶ ħ ϸ鼭, IT ź¼ ȣϰ ϴµ ݵ ʿϴ. ٽɱ ̴, Ͻ Ǵ κ ̴