Active Security--A proactive approach for computer security systems

Computer systems and especially networking environments are growing and changing very rapidly. Such growth introduces major security risks, as current computer and networking security components are not able to dynamically adopt themselves for the changing needs. Especially the growth of the Internet and electronic commerce have made it necessary to have centralized security policies in place which are enforced by a distributed environment. `Active Securityʹ is the result of a research and development project, introducing a new approach for implementing security systems, being able to automatically respond to new security threats. The focus of this work is encompassing a security infrastructure where multiple components including intrusion detection systems, vulnerability assessment scanners, firewalls and other security devices are able to communicate and respond to changing security threats. Design and implementation of Active Security is based on a public key infrastructure using digital certificates for providing authenticated communication. A number of sites on the Internet have participated during the pilot phase of Active Security protecting their networks. The United States patent titled `Active Firewall System and Methodologyʹ is pending for this architecture.