Multi-aspect security configuration assessment

Mirko Montanari; Roy H. Campbell

doi:10.1145/1655062.1655064

Multi-aspect security configuration assessment

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Evaluating the security of a computer network system is a challenging task. Configurations of large systems are complex entities in continuous evolution. The installation of new software, a change in the firewall rules, or the discovery of a software vulnerability can be exploited by a malicious user to gain unauthorized control of the integrity, availability and confidentiality of the assets of an organization. This paper presents a framework for building security assessment tools able to perform online verification of the security of a system configuration. Heterogeneous data generated from multiple sources are integrated into a homogeneous RDF representation using domain-specific ontologies and used for assessing the security of a configuration toward known attack vectors. Different vocabularies can be defined to express configurations, policies and attacks for each aspect of the security of an organization (e.g., network security, physical security and application level security) in a modular way. By automatically extracting part of the configuration from the network system, the tool is able to detect in near real-time security threats created by configuration changes.

Original language	English (US)
Title of host publication	Proceedings of the 2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09
Pages	1-5
Number of pages	5
DOIs	https://doi.org/10.1145/1655062.1655064
State	Published - 2009
Event	2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09 - Chicago, IL, United States Duration: Nov 9 2009 → Nov 13 2009

Publication series

Name	Proceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)	1543-7221

Other

Other	2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09
Country/Territory	United States
City	Chicago, IL
Period	11/9/09 → 11/13/09

Keywords

Attack tree
Network management
Security
Security assessment

ASJC Scopus subject areas

Software
Computer Networks and Communications

Online availability

10.1145/1655062.1655064

Library availability

Discover UIUC Full Text

Cite this

Montanari, M., & Campbell, R. H. (2009). Multi-aspect security configuration assessment. In Proceedings of the 2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09 (pp. 1-5). (Proceedings of the ACM Conference on Computer and Communications Security). https://doi.org/10.1145/1655062.1655064

Multi-aspect security configuration assessment. / Montanari, Mirko; Campbell, Roy H.
Proceedings of the 2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09. 2009. p. 1-5 (Proceedings of the ACM Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Montanari, M & Campbell, RH 2009, Multi-aspect security configuration assessment. in Proceedings of the 2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09. Proceedings of the ACM Conference on Computer and Communications Security, pp. 1-5, 2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09, Chicago, IL, United States, 11/9/09. https://doi.org/10.1145/1655062.1655064

Montanari M, Campbell RH. Multi-aspect security configuration assessment. In Proceedings of the 2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09. 2009. p. 1-5. (Proceedings of the ACM Conference on Computer and Communications Security). doi: 10.1145/1655062.1655064

@inproceedings{f364a459704f409b8bb6b81402c846b6,

title = "Multi-aspect security configuration assessment",

abstract = "Evaluating the security of a computer network system is a challenging task. Configurations of large systems are complex entities in continuous evolution. The installation of new software, a change in the firewall rules, or the discovery of a software vulnerability can be exploited by a malicious user to gain unauthorized control of the integrity, availability and confidentiality of the assets of an organization. This paper presents a framework for building security assessment tools able to perform online verification of the security of a system configuration. Heterogeneous data generated from multiple sources are integrated into a homogeneous RDF representation using domain-specific ontologies and used for assessing the security of a configuration toward known attack vectors. Different vocabularies can be defined to express configurations, policies and attacks for each aspect of the security of an organization (e.g., network security, physical security and application level security) in a modular way. By automatically extracting part of the configuration from the network system, the tool is able to detect in near real-time security threats created by configuration changes.",

keywords = "Attack tree, Network management, Security, Security assessment",

author = "Mirko Montanari and Campbell, {Roy H.}",

year = "2009",

doi = "10.1145/1655062.1655064",

language = "English (US)",

isbn = "9781605587783",

series = "Proceedings of the ACM Conference on Computer and Communications Security",

pages = "1--5",

booktitle = "Proceedings of the 2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09",

note = "2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09 ; Conference date: 09-11-2009 Through 13-11-2009",

}

TY - GEN

T1 - Multi-aspect security configuration assessment

AU - Montanari, Mirko

AU - Campbell, Roy H.

PY - 2009

Y1 - 2009

N2 - Evaluating the security of a computer network system is a challenging task. Configurations of large systems are complex entities in continuous evolution. The installation of new software, a change in the firewall rules, or the discovery of a software vulnerability can be exploited by a malicious user to gain unauthorized control of the integrity, availability and confidentiality of the assets of an organization. This paper presents a framework for building security assessment tools able to perform online verification of the security of a system configuration. Heterogeneous data generated from multiple sources are integrated into a homogeneous RDF representation using domain-specific ontologies and used for assessing the security of a configuration toward known attack vectors. Different vocabularies can be defined to express configurations, policies and attacks for each aspect of the security of an organization (e.g., network security, physical security and application level security) in a modular way. By automatically extracting part of the configuration from the network system, the tool is able to detect in near real-time security threats created by configuration changes.

AB - Evaluating the security of a computer network system is a challenging task. Configurations of large systems are complex entities in continuous evolution. The installation of new software, a change in the firewall rules, or the discovery of a software vulnerability can be exploited by a malicious user to gain unauthorized control of the integrity, availability and confidentiality of the assets of an organization. This paper presents a framework for building security assessment tools able to perform online verification of the security of a system configuration. Heterogeneous data generated from multiple sources are integrated into a homogeneous RDF representation using domain-specific ontologies and used for assessing the security of a configuration toward known attack vectors. Different vocabularies can be defined to express configurations, policies and attacks for each aspect of the security of an organization (e.g., network security, physical security and application level security) in a modular way. By automatically extracting part of the configuration from the network system, the tool is able to detect in near real-time security threats created by configuration changes.

KW - Attack tree

KW - Network management

KW - Security

KW - Security assessment

UR - http://www.scopus.com/inward/record.url?scp=74049083651&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=74049083651&partnerID=8YFLogxK

U2 - 10.1145/1655062.1655064

DO - 10.1145/1655062.1655064

M3 - Conference contribution

AN - SCOPUS:74049083651

SN - 9781605587783

T3 - Proceedings of the ACM Conference on Computer and Communications Security

SP - 1

EP - 5

BT - Proceedings of the 2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09

T2 - 2nd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09

Y2 - 9 November 2009 through 13 November 2009

ER -

Multi-aspect security configuration assessment

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this