| fullrecord |
[{"key": "dc.contributor.advisor", "value": "H\u00e4m\u00e4l\u00e4inen, Timo", "language": null, "element": "contributor", "qualifier": "advisor", "schema": "dc"}, {"key": "dc.contributor.author", "value": "Kallatsa, Markus", "language": null, "element": "contributor", "qualifier": "author", "schema": "dc"}, {"key": "dc.date.accessioned", "value": "2024-01-22T06:37:02Z", "language": null, "element": "date", "qualifier": "accessioned", "schema": "dc"}, {"key": "dc.date.available", "value": "2024-01-22T06:37:02Z", "language": null, "element": "date", "qualifier": "available", "schema": "dc"}, {"key": "dc.date.issued", "value": "2024", "language": null, "element": "date", "qualifier": "issued", "schema": "dc"}, {"key": "dc.identifier.uri", "value": "https://jyx.jyu.fi/handle/123456789/92952", "language": null, "element": "identifier", "qualifier": "uri", "schema": "dc"}, {"key": "dc.description.abstract", "value": "Organisaatioiden tietovarantoja s\u00e4il\u00f6t\u00e4\u00e4n yh\u00e4 eneneviss\u00e4 m\u00e4\u00e4rin digitaalisesti ja tietoverkkov\u00e4litteisesti. N\u00e4in ollen organisaatioiden tulisi yht\u00e4 lailla kiinnitt\u00e4\u00e4 huomiota tietoverkkojensa rakenteeseen ja turvallisuuteen muiden turvallisuusj\u00e4rjestelyjen lis\u00e4ksi. Tietoverkkojen tietoturvaa edist\u00e4vi\u00e4 turvallisuusmekanismeja on olemassa useita. Er\u00e4s mekanismeista on tietoverkon segmentointi, jolla tarkoitetaan tietoverkon jakamista arkkitehtuurillisesti pienempiin ja toisistaan eristettyihin aliverkkoihin eli segmentteihin, joiden v\u00e4list\u00e4 liikennett\u00e4 kontrolloidaan. Samaan periaatteeseen pohjautuva ja hieman uudempi l\u00e4hestymistapa on mikrosegmentointi, joka vie segmentoinnin hienojakoisemmalle tasolle. Mikrosegmentoinnissa segmenttikohtaisia turvallisuusperiaatteita sovelletaan segmenttitasolla l\u00e4hemp\u00e4n\u00e4 suojeltavaa resurssia. Segmentoinnin yleisen\u00e4 tavoitteena on minimoida hy\u00f6kk\u00e4\u00e4j\u00e4n lateraalisen liikkumisen mahdollisuuksia erist\u00e4m\u00e4ll\u00e4 suojeltavat kohteet toisistaan erill\u00e4\u00e4n oleviin segmentteihin. T\u00e4ss\u00e4 tutkimuksessa syvennyt\u00e4\u00e4n systemaattisen kirjallisuuskatsauksen kautta tietoverkkojen segmentointiin tarkastelemalla, miten aihetta on k\u00e4sitelty tutkimuskirjallisuudessa. Kaiken kaikkiaan tutkimuksen tarkasteluun p\u00e4\u00e4tyi 29 julkaisua, joita analysoitiin teemapainotteisesti. Tarkasteluun on sis\u00e4llytetty t\u00e4m\u00e4nhetkisi\u00e4 segmentoinnin l\u00e4hestymistapoja, teknisi\u00e4 ratkaisuja sek\u00e4 turvallisuusn\u00e4k\u00f6kohtia mukaan lukien segmentoinnin hy\u00f6tyj\u00e4 ja haittoja. Tutkimuksen tuloksena tunnistettiin tietoverkon segmentointiprosessiin liittyvi\u00e4, asiaankuuluvia organisatorisia attribuutteja, kuten toteutuksen kustannukset, suorituskyky, yll\u00e4pidett\u00e4vyys, suojattavuus, hienojakoisuus, koko ja dynaamisuus. Toinen havaittu trendi liittyy automaatioty\u00f6kalujen soveltamiseen segmentointiprosessissa. Lopuksi systemaattisen kirjallisuuskatsauksen tulosten pohjalta esitet\u00e4\u00e4n k\u00e4yt\u00e4nn\u00f6n suosituksia, jotka pohjautuvat kolmivaiheiseen tietoverkon segmentointiprosessiin.", "language": "fi", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.abstract", "value": "Organizational information assets are increasingly being stored digitally over information networks. Therefore, organizations should pay equal attention to the design and security of their networks in addition to other security arrangements. There are several security mechanisms that contribute to the computer network security. One of which is network segmentation that involves breaking up the network into architecturally smaller subnetworks called segments, between which traffic is controlled. Another and more recent mechanism based on the same principle is micro-segmentation, which takes segmentation into fine-grained level where granular segments have their own segment-level security policies closer to the protectable resources. General objective of network segmentation is to minimize adversary\u2019s potential for lateral movement by isolating protectable resources into segments separated from each other. This study delves deeper into network segmentation by examining through systematic literature review how the topic has been dealt in the research literature. Overall 29 publications were reviewed and analyzed on a thematic-driven basis. Current segmentation approaches and technical solutions including their benefits and drawbacks are included in the review. As a result, relevant organizational attributes related to segmentation process were identified such as costs, performance, manageability, protectability, granularity, size and dynamism. Another observed trend was related to utilization of automation tools in network segmentation. Finally, based on the results of the systematic literature review, the study concludes with practical recommendations based on a three-phased network segmentation process.", "language": "en", "element": "description", "qualifier": "abstract", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Submitted by Paivi Vuorio (paelvuor@jyu.fi) on 2024-01-22T06:37:02Z\nNo. of bitstreams: 0", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.description.provenance", "value": "Made available in DSpace on 2024-01-22T06:37:02Z (GMT). No. of bitstreams: 0\n Previous issue date: 2024", "language": "en", "element": "description", "qualifier": "provenance", "schema": "dc"}, {"key": "dc.format.extent", "value": "76", "language": "", "element": "format", "qualifier": "extent", "schema": "dc"}, {"key": "dc.format.mimetype", "value": "application/pdf", "language": null, "element": "format", "qualifier": "mimetype", "schema": "dc"}, {"key": "dc.language.iso", "value": "eng", "language": null, "element": "language", "qualifier": "iso", "schema": "dc"}, {"key": "dc.rights", "value": "In Copyright", "language": "en", "element": "rights", "qualifier": null, "schema": "dc"}, {"key": "dc.subject.other", "value": "network segmentation", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "macro-segmentation", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "micro-segmentation", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "network security", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.subject.other", "value": "information security", "language": "", "element": "subject", "qualifier": "other", "schema": "dc"}, {"key": "dc.title", "value": "Strategies for network segmentation : a systematic literature review", "language": null, "element": "title", "qualifier": null, "schema": "dc"}, {"key": "dc.type", "value": "master thesis", "language": null, "element": "type", "qualifier": null, "schema": "dc"}, {"key": "dc.identifier.urn", "value": "URN:NBN:fi:jyu-202401221445", "language": null, "element": "identifier", "qualifier": "urn", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Master\u2019s thesis", "language": "en", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.type.ontasot", "value": "Pro gradu -tutkielma", "language": "fi", "element": "type", "qualifier": "ontasot", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Faculty of Information Technology", "language": "en", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.faculty", "value": "Informaatioteknologian tiedekunta", "language": "fi", "element": "contributor", "qualifier": "faculty", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Information Technology", "language": "en", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.department", "value": "Informaatioteknologia", "language": "fi", "element": "contributor", "qualifier": "department", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "University of Jyv\u00e4skyl\u00e4", "language": "en", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.contributor.organization", "value": "Jyv\u00e4skyl\u00e4n yliopisto", "language": "fi", "element": "contributor", "qualifier": "organization", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Cyber Security", "language": "en", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "dc.subject.discipline", "value": "Kyberturvallisuus", "language": "fi", "element": "subject", "qualifier": "discipline", "schema": "dc"}, {"key": "yvv.contractresearch.funding", "value": "0", "language": "", "element": "contractresearch", "qualifier": "funding", "schema": "yvv"}, {"key": "dc.type.coar", "value": "http://purl.org/coar/resource_type/c_bdcc", "language": null, "element": "type", "qualifier": "coar", "schema": "dc"}, {"key": "dc.rights.copyright", "value": "\u00a9 The Author(s)", "language": null, "element": "rights", "qualifier": "copyright", "schema": "dc"}, {"key": "dc.rights.accesslevel", "value": "openAccess", "language": null, "element": "rights", "qualifier": "accesslevel", "schema": "dc"}, {"key": "dc.type.publication", "value": "masterThesis", "language": null, "element": "type", "qualifier": "publication", "schema": "dc"}, {"key": "dc.subject.oppiainekoodi", "value": "601", "language": null, "element": "subject", "qualifier": "oppiainekoodi", "schema": "dc"}, {"key": "dc.subject.yso", "value": "segmentointi", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "tietoturva", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "tietoverkot", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "kirjallisuuskatsaukset", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "segmentation", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "data security", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "information networks", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.subject.yso", "value": "literature surveys", "language": null, "element": "subject", "qualifier": "yso", "schema": "dc"}, {"key": "dc.format.content", "value": "fulltext", "language": null, "element": "format", "qualifier": "content", "schema": "dc"}, {"key": "dc.rights.url", "value": "https://rightsstatements.org/page/InC/1.0/", "language": null, "element": "rights", "qualifier": "url", "schema": "dc"}]
|