Policy-based management: bridging the gap

Hinrichs, Susan

doi:10.1109/csac.1999.816030

Cited by 32 publications

(18 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [6], the authors adopted a better approach by using a modular architecture that separates the security policy and the underlying network topology to allow for flexible modification of the network topology without the need to update the security policy. Similar work has been done in [14] with a procedural policy definition language, and in [16] with an object-oriented policy definition language. In terms of distributed firewall policy enforcement, a novel architecture is proposed in [15] where the authors suggest using a trust management system to enforce a centralized security policy at individual network endpoints based on access rights granted to users or hosts.…”

Section: Related Workmentioning

confidence: 93%

Towards a Unified Modeling and Verification of Network and System Security Configurations

Alsaleh

Al-Shaer

El-Atawy

2013

Automated Security Management

View full text Add to dashboard Cite

Abstract-Systems and networks access control configuration are usually analyzed independently although they are logically combined to define the end-to-end security property. While systems and applications security policies define access control based on user identity or group, request type and the requested resource, network security policies uses flow information such as host and service addresses for source and destination to define access control. Therefore, both network and systems access control have to be configured consistently in order to enforce endto-end security policies. Many previous research attempt to verify either side separately, but it does not provide a unified approach to automatically validate the logical consistency between both of them. Thus, using existing techniques requires error-prone manual and ad-hoc analysis to validate this link.In this paper, we introduce a cross-layer modeling and verification system that can analyze the configurations and policies across both application and network components as a single unit. It combines policies from different devices as firewalls, NAT, routers and IPSec gateways as well as basic RBACbased policies of higher service layers. This allows analyzing, for example, firewall polices in the context of application access control and vice versa. Thus, by incorporating policies across the network and over multiple layers, we provide a true endto-end configuration verification tool. Our model represents the system as a state machine where packet header, service request and location determine the state and transitions that conform with the configuration, device operations, and packet values are established. We encode the model as Boolean functions using binary decision diagrams (BDDs). We used an extended version of computational tree logic (CTL) to provide more useful operators and then use it with symbolic model checking to prove or find counter examples to needed properties. The tool is implemented and we gave special consideration to efficiency and scalability.

show abstract

Section: Related Workmentioning

confidence: 93%

Towards a Unified Modeling and Verification of Network and System Security Configurations

Alsaleh

Al-Shaer

El-Atawy

2013

Automated Security Management

View full text Add to dashboard Cite

show abstract

“…On the other hand, few related work [6,10] present a resolution for the correlation conflict problem only. Other approaches [2,9,12,14,18] propose using a high-level policy language to define and analyze firewall policies and then map this language to filtering rules. Firewall query-based languages based on filtering rules are also proposed in [7,11].…”

Section: Introductionmentioning

confidence: 99%

Firewall Policy Advisor for Anomaly Discovery and Rule Editing

Al-Shaer

Hamed

2003

Integrated Network Management VIII

View full text Add to dashboard Cite

Abstract:Keywords:Firewalls are core elements in network security. However, managing firewall rules, especially for enterprize networks, has become complex and error-prone. Firewall filtering rules have to be carefully written and organized in order to correctly implement the security policy. In addition, inserting or modifying a filtering rule requires thorough analysis of the relationship between this rule and other rules in order to determine the proper order of this rule and commit the updates. In this paper, we present a set of techniques and algorithms that provide (1) automatic discovery of firewall policy anomalies to reveal rule conflicts and potential problems in legacy firewalls, and (2) anomaly-free policy editing for rule insertion, removal and modification. This is implemented in a user-friendly tool called "Firewall Policy Advisor." The Firewall Policy Advisor significantly simplifies the management of any generic firewall policy written as filtering rules, while minimizing network vulnerability due to firewall rule misconfiguration.Firewall, security management, security policy, policy conflict.

show abstract

“…Finally, the entire relevant policy rule-set must be available at an enforcement point; this may cause scalability problems with respect to the number of users, peer nodes, and policy entries. Other similar work includes [Hinrichs 1999;Guttman 1997;Molitor 1995;Damianou 2002] (although the latter, Ponder, does allow delegation).…”

Section: Domain Specific Languagesmentioning

confidence: 99%

Requirements for scalable access control and security management architectures

Keromytis

Smith

2007

ACM Trans. Internet Technol.

View full text Add to dashboard Cite

Maximizing local autonomy by delegating functionality to end nodes when possible (the "end to end" design principle) has led to a scalable Internet. Scalability and the capacity for distributed control have unfortunately not extended well to resource access-control policies and mechanisms. Yet management of security is becoming an increasingly challenging problem, in no small part due to scaling up of measures such as number of users, protocols, applications, network elements, topological constraints, and functionality expectations.In this paper we discuss scalability challenges for traditional access control mechanisms at the architectural level, and present a set of fundamental requirements for authorization services in large-scale networks. We show why existing mechanisms fail to meet these requirements, and investigate the current design options for a scalable access control architecture.We argue that the key design options to achieve scalability are the choice of the representation of access control policy, the distribution mechanism for policy and the choice of access-rights revocation scheme. Although these ideas have been considered in the past, current access-control systems in use continue to use simpler but restrictive architectural models. With this paper, we hope to influence the design of future accesscontrol systems towards more decentralized and scalable mechanisms. Maximizing local autonomy by delegating functionality to end nodes when possible (the "end to end" design principle) has led to a scalable Internet. Scalability and the capacity for distributed control have unfortunately not extended well to resource access-control policies and mechanisms. Yet management of security is becoming an increasingly challenging problem, in no small part due to scaling up of measures such as number of users, protocols, applications, network elements, topological constraints, and functionality expectations.In this paper we discuss scalability challenges for traditional access control mechanisms at the architectural level, and present a set of fundamental requirements for authorization services in large-scale networks. We show why existing mechanisms fail to meet these requirements, and investigate the current design options for a scalable access control architecture.We argue that the key design options to achieve scalability are the choice of the representation of access control policy, the distribution mechanism for policy and the choice of access-rights revocation scheme. Although these ideas have been considered in the past, current access-control systems in use continue to use simpler but restrictive architectural models. With this paper, we hope to influence the design of future access-control systems towards more decentralized and scalable mechanisms.

show abstract

Policy-based management: bridging the gap

Cited by 32 publications

References 7 publications

Towards a Unified Modeling and Verification of Network and System Security Configurations

Towards a Unified Modeling and Verification of Network and System Security Configurations

Firewall Policy Advisor for Anomaly Discovery and Rule Editing

Requirements for scalable access control and security management architectures

Contact Info

Product

Resources

About