A Cooperative Incident Response System

杨峰,段海新,李星
DOI: https://doi.org/10.3969/j.issn.1000-3428.2003.20.005
2003-01-01
Abstract:This paper discusses the theory of incident response and an integrative definition, incident object description and exchange format based on XML, incident taxonomy. The lifecycle and state transition of incident and the cooperative transaction between IRT are proposed. Aiming at large scale network environments, a cooperative incident response system (CIRS) is designed, which implements cooperative incident response through efficient, secure information exchange among managers in different places. At the same time, the architecture of CIRS is described, as well as its five components.
What problem does this paper attempt to address?