Archivio Istituzionale della RicercaNetwork architectures and applications are becoming increasingly complex. Several approaches to automatically enforce configurations on devices, applications and services have been proposed, such as Policy-Based Network Management (PBNM). However, the management of enforced configurations in production environments (e.g. data center) is a crucial and complex task. For example, updates on firewall configuration to change a set of rules. Although this task is fundamental for complex systems, few effective solutions have been proposed for monitoring and managing enforced configurations. This work proposes a novel approach to monitor and manage enforced configurations in production environments. The main contributions of this paper are a formal model to identify/generate traffic flows and to verify the enforced configurations, and a slim and transparent framework to perform the policy assessment. We have implemented and validated our approach in a virtual environment in order to evaluate different scenarios. The results demonstrate that the prototype is effective and has good performance, therefore our model can be effectively used to analyse several types of IT infrastructures. A further interesting result is that our approach is complementary to PBNM.
Online and offline security policy assessment / Valenza, Fulvio; Vallini, Marco; Lioy, Antonio. - STAMPA. - (2016), pp. 101-104. (Intervento presentato al convegno MIST’16: 8th ACM CCS international workshop on Managing Insider Security Threats tenutosi a Vienna (Austria) nel October 28, 2016) [10.1145/2995959.2995970].
Online and offline security policy assessment
VALENZA, FULVIO;VALLINI, MARCO;LIOY, ANTONIO
2016
Abstract
Network architectures and applications are becoming increasingly complex. Several approaches to automatically enforce configurations on devices, applications and services have been proposed, such as Policy-Based Network Management (PBNM). However, the management of enforced configurations in production environments (e.g. data center) is a crucial and complex task. For example, updates on firewall configuration to change a set of rules. Although this task is fundamental for complex systems, few effective solutions have been proposed for monitoring and managing enforced configurations. This work proposes a novel approach to monitor and manage enforced configurations in production environments. The main contributions of this paper are a formal model to identify/generate traffic flows and to verify the enforced configurations, and a slim and transparent framework to perform the policy assessment. We have implemented and validated our approach in a virtual environment in order to evaluate different scenarios. The results demonstrate that the prototype is effective and has good performance, therefore our model can be effectively used to analyse several types of IT infrastructures. A further interesting result is that our approach is complementary to PBNM.
| File | Dimensione | Formato | |
|---|---|---|---|
|
2016MIST.pdf
accesso riservato
Tipologia:
2a Post-print versione editoriale / Version of Record
Licenza:
Non Pubblico - Accesso privato/ristretto
Dimensione
452.77 kB
Formato
Adobe PDF
|
452.77 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
|
2016MIST_author.pdf
accesso aperto
Tipologia:
2. Post-print / Author's Accepted Manuscript
Licenza:
Pubblico - Tutti i diritti riservati
Dimensione
165.71 kB
Formato
Adobe PDF
|
165.71 kB | Adobe PDF | Visualizza/Apri |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2650400