Title :
Proactive monitoring of security policy accomplishment in computer networks
Author :
Kotenko, Igor ; Bogdanov, Vitaly
Author_Institution :
St. Petersburg Inst. for Inf. & Autom., St. Petersburg, Russia
Abstract :
One of topical tasks of policy-based security management is checking that the security policy stated in organization corresponds to its implementation in the computer network. The paper considers an approach to proactive monitoring of security policy performance and security mechanisms functioning. This approach is based on different strategies of automatic imitation of possible users´ actions in the computer network, including exhaustive search, express-analysis and generating the optimized test sequences. It is applicable to different security policies. The paper describes stages, generalized algorithms and main peculiarities of the suggested approach and formal methods used to fulfill the test sequence optimization. We consider the generalized architecture of the proactive monitoring system ¿proactive security scanner¿ (PSC) developed and its implementation.
Keywords :
computer networks; security of data; computer networks; policy-based security management; proactive monitoring; proactive security scanner; security mechanisms functioning; security policy accomplishment; test sequence optimization; Application software; Computer network management; Computer network reliability; Computer networks; Computer security; Computerized monitoring; Conferences; Data security; National security; Testing; Homeland Security; Security and Reliability; Security policy monitoring; Test sequence optimization;
Conference_Titel :
Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, 2009. IDAACS 2009. IEEE International Workshop on
Conference_Location :
Rende
Print_ISBN :
978-1-4244-4901-9
Electronic_ISBN :
978-1-4244-4882-1
DOI :
10.1109/IDAACS.2009.5342961
