Online and Offline Security Policy Assessment. Valenza, F., Vallini, M., & Lioy, A. In Proceedings of the 8th ACM CCS International Workshop on Managing Insider Security Threats (MIST@CCS 2016), pages 101–104, 2016. ACM.
Online and Offline Security Policy Assessment [pdf]Paper  doi  abstract   bibtex   
Network architectures and applications are becoming increasingly complex. Several approaches to automatically enforce configurations on devices, applications and services have been proposed, such as Policy-Based Network Management (PBNM). However, the management of enforced configurations in production environments (e.g. data center) is a crucial and complex task. For example, updates on firewall configuration to change a set of rules. Although this task is fundamental for complex systems, few effective solutions have been proposed for monitoring and managing enforced configurations. This work proposes a novel approach to monitor and manage enforced configurations in production environments. The main contributions of this paper are a formal model to identify/generate traffic flows and to verify the enforced configurations; and a slim and transparent framework to perform the policy assessment. We have implemented and validated our approach in a virtual environment in order to evaluate different scenarios. The results demonstrate that the prototype is effective and has good performance, therefore our model can be effectively used to analyse several types of IT infrastructures. A further interesting result is that our approach is complementary to PBNM. © 2016 ACM.

Downloads: 0