Title :
Generating policies for defense in depth
Author :
Rubel, Paul ; Ihde, Michael ; Harp, Steven ; Payne, Charles
Author_Institution :
BBN Technol., Cambridge, MA
Abstract :
Coordinating multiple overlapping defense mechanisms, at differing levels of abstraction, is fraught with the potential for misconfiguration, so there is strong motivation to generate policies for those mechanisms from a single specification in order to avoid that risk. This paper presents our experience and the lessons learned as we developed, validated and coordinated network communication security policies for a defense-in-depth enabled system that withstood sustained red team attack. Network communication was mediated by host-based firewalls, process domain mechanisms and application-level security policies enforced by the Java virtual machine. We coordinated the policies across the layers using a variety of tools, but we discovered that, at least for defense-in-depth enabled systems, constructing a single specification from which to derive all policies is probably neither practical nor even desirable
Keywords :
Java; authorisation; telecommunication security; virtual machines; Java virtual machine; application-level security policy; defense-in-depth enabled system; host-based firewall; multiple overlapping defense mechanism; network communication security policy; process domain mechanism; red team attack; Application software; Communication system security; Computer security; Contracts; Java; Software tools; Virtual machining;
Conference_Titel :
Computer Security Applications Conference, 21st Annual
Conference_Location :
Tucson, AZ
Print_ISBN :
0-7695-2461-3
DOI :
10.1109/CSAC.2005.26
