OSI security management is a functional area of OSI management and Fault, Configuration, Account, Performance, and Security Management( FCAPS) and is directly related to the target specification of user management. Security policy aspects must consider ethical and legal components as well as legal, organizational, and economic requirements.
More generally, security management( SM) encompasses the protection of information, objects, services, and resources. Security measures include authentication, password management and access authorization to networks and LAN segments. Security considerations must be planned on the premise that information represents value that can be quantified and qualified.
The Security Management Information Base ( SMIB) forms the data basis of security management. The OSI security architecture recognizes three management categories: System Security Management, Security Services Management, and Security Mechanisms Management. Security management between the end systems is handled via security protocols. In this process, the security protocols and the transmitted management information must be protected.
There are several approaches to security management. There is the signature-based approach, which monitors data flows and compares data in transit with signatures and known threats, and behavior-based, proactive security approaches, which monitor all relevant activities and quickly detect deviations from normal behavior patterns. Behavior-based methods include, for example, User Behavior Analytics( UBA) and Network Behavior Anomaly Detection( NBAD).