Saliou, Lionel, Buchanan, William J, Graves, Jamie and Munoz, Jose (2005) Novel Framework for Automated Security Abstraction, Modelling, Implementation and Verification. In: 4th European Conference on Information Warfare and Security, 11 - 12 July 2005, Glamorgan, United Kingdom.
|PDF (This paper describes a novel framework for organisational security) |
Available under License Creative Commons Attribution Non-commercial.
Download (257kB) | Preview
This paper presents a novel framework for network security, and provides a complete solution to integrated security policies, which meets the objectives of an organisation, and also an automated verification process. The framework uses a security compiler, which converts high-level abstract definitions of the objectives of an organisation, and its security requirements. The output of this is then converted into an XML abstraction of security requirements, which can then be modelled, and converted into an implementable form, such as using firewall and IDS rules. Once it has been implemented, network agents are then used to generate and gather data allowing the security policy to be verified against the requirements.
The main areas of the framework are:
• Formal definition and abstraction. This involves the application of formal abstract security languages, such as an ontology mark-up language, and the novel implementation of integrated social rules, along with some form of definition of the aims and objectives of the organisation.
• Implementation. This involves converting the abstraction of the security policy into code and configurations, which can be implemented in the network devices, such as in the implementation of firewall and IDS rules, along with rules for data gathering agents. The paper shows practical implementations of these.
• Test and verification. This involves using data gathering and test generation agents to test and verify that the security system meets its initial objectives. This is obviously a key element in the system, as it provides automated feedback, and refinement.
The paper also provides novel results, which show how network agents can detect threats, and how the network can reconfigure itself, and limit its damage. It also shows typical delays for well-known worm threats and concludes with a novel method of detection and proposes methods on how the network could automate its configuration to overcome typical network threats, such as worms and viruses.
|Item Type:||Conference or Workshop Item (Paper)|
|Uncontrolled Keywords:||Network agents; Security abstraction; Formal definition; Reconfiguration; Automated verification;|
|University Divisions/Research Centres:||Faculty of Engineering, Computing and Creative Industries > School of Computing|
|Dewey Decimal Subjects:||000 Computer science, information & general works > 000 Computer science, knowledge & systems > 004 Data processing & computer science > 004.2 Systems analysis, design & performance|
000 Computer science, information & general works > 000 Computer science, knowledge & systems > 005 Computer programming, programs & data > 005.8 Data security
|Library of Congress Subjects:||Q Science > QA Mathematics > QA75 Electronic computers. Computer science|
|Depositing User:||Lionel Saliou|
|Date Deposited:||20 May 2009 12:01|
|Last Modified:||05 Mar 2015 10:30|
Actions (login required)