Distributed Security Policy Conformance

Cited by: 0
Authors
Montanari, Mirko [1 ]
Chan, Ellick [1 ]
Larson, Kevin [1 ]
Yoo, Wucherl [1 ]
Campbell, Roy H. [1 ]
Affiliation
[1] Univ Illinois, Dept Comp Sci, Urbana, IL 61801 USA
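Keywords
DOI
Not available
Chinese Library Classification
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract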
Security policy conformance is a crucial issue in large-scale critical cyber-infrastructure. The complexity of these systems, insider attacks, and the possible speed of an attack on a system necessitate an automated approach to assure a basic level of protection. This paper presents Odessa, a resilient system for monitoring and validating compliance of networked systems to complex policies. To manage the scale of infrastructure systems and to avoid single points of failure or attack, Odessa distributes policy validation across many network nodes. Partial delegation enables the validation of component policies and of liveness at the edge nodes of the network using redundancy to increase security. Redundant distributed servers aggregate data to validate more complex policies. Our practical implementation of Odessa resists Byzantine failure of monitoring using an architecture that significantly increases scalability and attack resistance.
Pages: 210 - 222
Page count: 13
Related papers
50 in total
  • [1] Distributed security policy conformance
    Montanari, Mirko
    Chan, Ellick
    Larson, Kevin
    Yoo, Wucherl
    Campbell, Roy H.
    [J]. COMPUTERS & SECURITY, 2013, 33 : 28 - 40
  • [2] Validating Security Policy Conformance with WS-Security Requirements
    Satoh, Fumiko
    Uramoto, Naohiko
    [J]. ADVANCES IN INFORMATION AND COMPUTER SECURITY, 2010, 6434 : 133 - 148
  • [3] Distributed monitoring in ad hoc networks: Conformance and security checking
    Mallouli, Wissam
    Wehbi, Bachar
    Cavalli, Ana
    [J]. AD-HOC, MOBILE AND WIRELESS NETWORKS, PROCEEDINGS, 2008, 5198 : 345 - 356
  • [4] XML distributed security policy for clusters
    Apvrille, A
    Pourzandi, M
    [J]. COMPUTERS & SECURITY, 2004, 23 (08) : 649 - 658
  • [5] Conformance of distributed systems
    Frey, M
    Schlingloff, BH
    [J]. TESTING OF COMMUNICATING SYSTEMS, PROCEEDINGS, 2003, 2644 : 163 - 179
  • [6] Maintaining consistency of the security policy in distributed environment
    Ngamsuriyaroj, S
    Keefe, TF
    Hurson, AR
    [J]. CONFERENCE PROCEEDINGS OF THE 2002 IEEE INTERNATIONAL PERFORMANCE, COMPUTING, AND COMMUNICATIONS CONFERENCE, 2002, : 179 - 186
  • [7] Multilevel Policy Based Security in Distributed Database
    Batra, Neera
    Singh, Manpreet
    [J]. ADVANCES IN COMPUTING AND COMMUNICATIONS, PT I, 2011, 190 : 572 - 580
  • [8] Policy based interoperability in distributed security infrastructures
    Casola, V
    Mazzocca, N
    Mazzeo, A
    Vittorini, V
    [J]. CONCURRENT ENGINEERING: ENHANCED INTEROPERABLE SYSTEMS, 2003, : 1027 - 1034
  • [9] Reliable Security Policy in Mobile Distributed Network
    Suganthi, Bhuvana D.
    Manjuath, R.
    Aravindan, A.
    [J]. 2016 IEEE INTERNATIONAL CONFERENCE ON RECENT TRENDS IN ELECTRONICS, INFORMATION & COMMUNICATION TECHNOLOGY (RTEICT), 2016, : 1782 - 1786
  • [10] Security Policy Conflict Detection for Distributed System
    Zhang, AiJuan
    Ji, Cheng
    Wang, Jian
    [J]. ADVANCED RESEARCH ON MATERIAL ENGINEERING, CHEMISTRY AND BIOINFORMATICS, PTS 1 AND 2 (MECB 2011), 2011, 282-283 : 173 - +