Multi-aspect security configuration assessment

Mirko Montanari, Roy H. Campbell

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Evaluating the security of a computer network system is a challenging task. Configurations of large systems are complex entities in continuous evolution. The installation of new software, a change in the firewall rules, or the discovery of a software vulnerability can be exploited by a malicious user to gain unauthorized control of the integrity, availability and confidentiality of the assets of an organization. This paper presents a framework for building security assessment tools able to perform online verification of the security of a system configuration. Heterogeneous data generated from multiple sources are integrated into a homogeneous RDF representation using domain-specific ontologies and used for assessing the security of a configuration toward known attack vectors. Different vocabularies can be defined to express configurations, policies and attacks for each aspect of the security of an organization (e.g., network security, physical security and application level security) in a modular way. By automatically extracting part of the configuration from the network system, the tool is able to detect in near real-time security threats created by configuration changes.

Original languageEnglish (US)
Title of host publicationProceedings of the 2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09
Pages1-5
Number of pages5
DOIs
StatePublished - Dec 1 2009
Event2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09 - Chicago, IL, United States
Duration: Nov 9 2009Nov 13 2009

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221

Other

Other2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09
CountryUnited States
CityChicago, IL
Period11/9/0911/13/09

Keywords

  • Attack tree
  • Network management
  • Security
  • Security assessment

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Multi-aspect security configuration assessment'. Together they form a unique fingerprint.

Cite this