2017 1st Cyber Security in Networking Conference (CSNet) 2017
DOI: 10.1109/csnet.2017.8241987
|View full text |Cite
|
Sign up to set email alerts
|

dynSMAUG: A dynamic security management framework driven by situations

Abstract: We present a dynamic security management framework where security policies are specified according to situations. A situation allows to logically group dynamic constraints and make policies closer to business. Situations are specified and calculated by using complex events processing techniques and security policies are written in XACMLv3. Finally, the framework is supported by a modular event based deployment infrastructure. The whole framework has been implemented and its performance is evaluated.

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2

Citation Types

0
2
0

Year Published

2018
2018
2021
2021

Publication Types

Select...
3
1
1

Relationship

2
3

Authors

Journals

citations
Cited by 5 publications
(2 citation statements)
references
References 24 publications
0
2
0
Order By: Relevance
“…In this paper, we propose an adaptive security framework that covers both dynamic risk assessment and situational driven security policy deployment. We extend a maritime-specific risk assessment methodology (MITIGATE [ 5 , 6 ]) to suggest adaptive security controls, and integrate it with a situation-driven security management framework (DynSMAUG [ 7 , 8 , 9 ]) to dynamically enforce adaptive security policies implementing the security controls. We will follow a situation-driven approach.…”
Section: Introductionmentioning
confidence: 99%
“…In this paper, we propose an adaptive security framework that covers both dynamic risk assessment and situational driven security policy deployment. We extend a maritime-specific risk assessment methodology (MITIGATE [ 5 , 6 ]) to suggest adaptive security controls, and integrate it with a situation-driven security management framework (DynSMAUG [ 7 , 8 , 9 ]) to dynamically enforce adaptive security policies implementing the security controls. We will follow a situation-driven approach.…”
Section: Introductionmentioning
confidence: 99%
“…But, allowing only the right people to access the right assets under the right conditions (temporal, geographical, circumstances, etc) entails considering dynamic constraints that leads to dynamic security permissions. This article extends [2] and presents dynSMAUG, our dynamic security management framework. The specificity of our approach consists in placing the concept of situation at the core of security management and writing policies herewith "when situation and conditions then security actions".…”
Section: Introductionmentioning
confidence: 99%