Title :
Security agility in response to intrusion detection
Author :
Petkac, Mike ; Badger, Lee
Author_Institution :
NAI Labs., USA
Abstract :
Cooperative frameworks for intrusion detection and response exemplify a key area of today´s computer research: automating defenses against malicious attacks that increasingly are taking place at grander speeds and scales to enhance the survivability of distributed systems and maintain mission critical functionality. At the individual host-level, intrusion response often includes security policy reconfiguration to reduce the risk of further penetrations. However, runtime policy changes may cause traditional software components, designed without (dynamic) security in mind, to fail in varying degrees, including termination of critical processes. This paper presents security agility, a strategy to provide software components with the security awareness and adaptability to address runtime security policy changes, describes how security agility is packaged in a prototype toolkit and illustrates how the toolkit can be integrated with intrusion detection and response frameworks to help automate flexible host-based response to intrusions
Keywords :
distributed processing; security of data; cooperative frameworks; distributed systems; flexible host-based response; intrusion detection; malicious attacks; mission critical functionality; prototype toolkit; runtime security policy change; security agility; security policy reconfiguration; software components; Distributed computing; Intrusion detection; Mission critical systems; Packaging; Runtime; Security; Software design; Software packages; Software prototyping; Software tools;
Conference_Titel :
Computer Security Applications, 2000. ACSAC '00. 16th Annual Conference
Conference_Location :
New Orleans, LA
Print_ISBN :
0-7695-0859-6
DOI :
10.1109/ACSAC.2000.898853
