| fullrecord |
[{"key": "dc.contributor.advisor", "value": "Sepp\u00e4nen, Ville", "language": "", "element": "contributor", "qualifier": "advisor", "schema": "dc"}, {"key": "dc.contributor.author", "value": "Hornborg, Jenny", "language": "", "element": "contributor", "qualifier": "author", "schema": "dc"}, {"key": "dc.date.accessioned", "value": "2021-06-16T06:31:49Z", "language": null, "element": "date", "qualifier": "accessioned", "schema": "dc"}, {"key": "dc.date.available", "value": "2021-06-16T06:31:49Z", "language": null, "element": "date", "qualifier": "available", "schema": "dc"}, {"key": "dc.date.issued", "value": "2021", "language": "", "element": "date", "qualifier": "issued", "schema": "dc"}, {"key": "dc.identifier.uri", "value": "https://jyx.jyu.fi/handle/123456789/76580", "language": null, "element": "identifier", "qualifier": "uri", "schema": "dc"}, {"key": "dc.description.abstract", "value": "Digitalisoituvan maailman my\u00f6t\u00e4 organisaatioiden toimintatavat ja ty\u00f6kalut ovat muuttuneet huomattavasti tietoteknisemp\u00e4\u00e4n suuntaan. Muutos on koskettanut my\u00f6s yksil\u00f6it\u00e4, sill\u00e4 heist\u00e4 ker\u00e4t\u00e4\u00e4n nykyisin enemm\u00e4n dataa, kuin koskaan ennen. Euroopan Unionin Yleinen tietosuoja-asetus (eng. EU General Data Protection Regulation, GDPR) pyrkii tuomaan yksil\u00f6iden datan k\u00e4sittelyyn sen kaipaamaa turvaa. Organisaatioille GDPR toi mukanaan lis\u00e4\u00e4 vastuuta ja tarvetta varmistua ty\u00f6ntekij\u00f6iden valtuutetusta toiminnasta. Valtuutetut k\u00e4ytt\u00e4j\u00e4t voivat asettaa organisaatiolle tietoturvauhan, esimerkiksi v\u00e4\u00e4rink\u00e4ytt\u00e4m\u00e4ll\u00e4 oikeuksiaan tietoj\u00e4rjestelmiin hakemalla tietoja, joihin heill\u00e4 ei ole valtuutusta. GDPR:n n\u00e4k\u00f6kulmasta onkin keskeist\u00e4 huomioida, ett\u00e4 k\u00e4ytt\u00f6oikeus j\u00e4rjestelm\u00e4\u00e4n ei tarkoita oikeutta k\u00e4ytt\u00e4\u00e4 j\u00e4rjestelmist\u00e4 l\u00f6ytyv\u00e4\u00e4 dataa, vaan siihen vaaditaan aina peruste. Yhdeksi keskeiseksi keinoksi t\u00e4llaisten valtuuttamattomien hakujen tunnistamiseen ja monitorointiin on ehdotettu lokianalytiikkaa. Kuitenkin tietoj\u00e4rjestelmien suuren k\u00e4ytt\u00f6asteen takia my\u00f6s lokitietoa tallentuu paljon, jolloin valtuuttamattoman haun tunnistaminen voi olla haastavaa. Suurten lokitapahtumien m\u00e4\u00e4r\u00e4n lis\u00e4ksi my\u00f6s lokien laatu voi asettaa organisaatioille suuria haasteita toteuttaa lokianalytiikkaa. Lokimassan keskeiseksi rajauskriteeriksi valtuuttamattomien hakujen tunnistamisessa havaittiin ty\u00f6ntekij\u00f6iden poikkeava toiminta. T\u00e4m\u00e4 Pro gradu-tutkielma toteutettiin toimeksiantona yhdelle Suomen suurimmista teleoperaattoreista. Tutkielma seuraa suunnittelutieteellist\u00e4 tutkimusmenetelm\u00e4\u00e4 ja luo sen metodein artefaktina suodatinmallin. Suodatinmalli koostuu 12 suodattimesta, joiden avulla organisaatioiden on mahdollista tehd\u00e4 poikkeavia hakuja nostavia suo-datuksia analysoitavaan lokimassaan, joka edelleen mahdollistaisi valtuuttamattomien hakujen tunnistamisen. Tutkielma esitt\u00e4\u00e4 my\u00f6s perustelut lokianalytiikan suorittamiselle, sek\u00e4 sille miksi lokien laatuun huomion kiinnitt\u00e4mist\u00e4 voidaan pit\u00e4\u00e4 keskeisen\u00e4 lokianalytiikan n\u00e4k\u00f6kulmasta.", "language": "fi", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.abstract", "value": "The way of working has changed in the past decade due to the digitalization that is happening across the world. The change has also affected individuals, since their data is being processed more than ever before. European Union\u2019s General Data Protection Regulation has brought the much-needed security to individual\u2019s data processing. To organizations GDPR has given more responsibility and a bigger need to ensure that their employees are acting based on authorizations. However, it has been detected that users can create an information security threat to organizations for example by misusing their accesses to information systems and searching for data that they do not have an authorization for. From GDPR\u2019s perspective it is crucial to understand that having an authorized access to information systems does not equal to authorized usage of the data. One of the most significant tools for detecting and monitoring this type of unauthorized searches is log analytics. However, information systems are widely used in organizations, and this leads to significant amount of log events being generated, which can set a challenge to detecting unauthorized searches. Besides significant amounts of log events also log quality can set a challenge on organization\u2019s log analytics. It was acknowledged that filtering log events of employee\u2019s abnormal behavior can help detect unauthorized events. This Master thesis was carried out as an assignment for one of the biggest telecom operators acting in Finland. This thesis follows the design science method and creates a filtering model as an artefact. The filtering model includes 12 filters and offers filters that will help to raise abnormal events from the log events that are being analyzed, helping to detect unauthorized searches. This thesis also justifies the need for log analytics and explains why log quality is a significant factor for log analytics\u2019 effectiveness.", "language": "en", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Submitted by Paivi Vuorio (paelvuor@jyu.fi) on 2021-06-16T06:31:49Z\nNo. of bitstreams: 0", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Made available in DSpace on 2021-06-16T06:31:49Z (GMT). No. of bitstreams: 0\n Previous issue date: 2021", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.format.extent", "value": "82", "language": "", "element": "format", "qualifier": "extent", "schema": "dc"}, {"key": "dc.language.iso", "value": "fin", "language": null, "element": "language", "qualifier": "iso", "schema": "dc"}, {"key": "dc.rights", "value": "In Copyright", "language": "en", "element": "rights", "qualifier": null, "schema": "dc"}, {"key": "dc.subject.other", "value": "lokianalytiikka", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "GDPR", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "valtuutettu k\u00e4ytt\u00e4j\u00e4", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "valtuuttamaton haku", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.title", "value": "Valtuutetun k\u00e4ytt\u00e4j\u00e4n valtuuttamattomien hakujen tunnistaminen lokianalytiikan keinoin", "language": "", "element": "title", "qualifier": null, "schema": "dc"}, {"key": "dc.type", "value": "master thesis", "language": null, "element": "type", "qualifier": null, "schema": "dc"}, {"key": "dc.identifier.urn", "value": "URN:NBN:fi:jyu-202106163779", "language": "", "element": "identifier", "qualifier": "urn", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Master\u2019s thesis", "language": "en", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Pro gradu -tutkielma", "language": "fi", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Informaatioteknologian tiedekunta", "language": "fi", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Faculty of Information Technology", "language": "en", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Informaatioteknologia", "language": "fi", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Information Technology", "language": "en", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "Jyv\u00e4skyl\u00e4n yliopisto", "language": "fi", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "University of Jyv\u00e4skyl\u00e4", "language": "en", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Tietoj\u00e4rjestelm\u00e4tiede", "language": "fi", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Information Systems Science", "language": "en", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "yvv.contractresearch.collaborator", "value": "business", "language": "", "element": "contractresearch", "qualifier": "collaborator", "schema": "yvv"}, {"key": "yvv.contractresearch.funding", "value": "0", "language": "", "element": "contractresearch", "qualifier": "funding", "schema": "yvv"}, {"key": "yvv.contractresearch.initiative", "value": "student", "language": "", "element": "contractresearch", "qualifier": "initiative", "schema": "yvv"}, {"key": "dc.type.coar", "value": "http://purl.org/coar/resource_type/c_bdcc", "language": null, "element": "type", "qualifier": "coar", "schema": "dc"}, {"key": "dc.rights.accesslevel", "value": "openAccess", "language": null, "element": "rights", "qualifier": "accesslevel", "schema": "dc"}, {"key": "dc.type.publication", "value": "masterThesis", "language": null, "element": "type", "qualifier": "publication", "schema": "dc"}, {"key": "dc.subject.oppiainekoodi", "value": "601", "language": "", "element": "subject", "qualifier": "oppiainekoodi", "schema": "dc"}, {"key": "dc.subject.yso", "value": "tietoturva", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.rights.url", "value": "https://rightsstatements.org/page/InC/1.0/", "language": null, "element": "rights", "qualifier": "url", "schema": "dc"}]
|