Title :
SAT-solving approaches to context-aware enterprise network security management
Author :
Homer, John ; Ou, Xinming
Author_Institution :
Kansas State Univ., Manhattan, KS
fDate :
4/1/2009 12:00:00 AM
Abstract :
Enterprise network security management is a complex task of balancing security and usability, with trade-offs often necessary between the two. Past work has provided ways to identify intricate attack paths due to misconfiguration and vulnerabilities in an enterprise system, but little has been done to address how to correct the security problems within the context of various other requirements such as usability, ease of access, and cost of countermeasures. This paper presents an approach based on Boolean satisfiability solving (SAT solving) that can reason about attacks, usability requirements, cost of actions, etc. in a unified, logical framework. Preliminary results show that the approach is both effective and efficient.
Keywords :
computer network management; risk analysis; telecommunication security; Boolean satisfiability solving; computer network management; computer network security; context-aware enterprise network security management; risk analysis; Application software; Computer network management; Computer networks; Computer security; Costs; Humans; Information security; National security; Risk analysis; Usability; Boolean Satisfiability Problem (SAT), Computer Network Management, Computer Network Security, Risk Analysis, Security;
Journal_Title :
Selected Areas in Communications, IEEE Journal on
DOI :
10.1109/JSAC.2009.090407
