Using Contextual Security Policies for Threat Response

Debar, Hervé; Thomas, Yohann; Boulahia-Cuppens, Nora; Cuppens, Frédéric

doi:10.1007/11790754_7

Cited by 15 publications

(11 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Proposals like [18] and [19] deal with the deployment of reactive policies to neutralize security threats. In [19], the threats are modeled as contexts. Then, standard IDMEF alerts are mapped to the contexts.…”

Section: Policy Based Network Managementmentioning

confidence: 99%

Dynamic deployment of context-aware access control policies for constrained security devices

Preda

Cuppens

Cuppens-Boulahia

et al. 2011

Journal of Systems and Software

Self Cite

View full text Add to dashboard Cite

Section: Policy Based Network Managementmentioning

confidence: 99%

Dynamic deployment of context-aware access control policies for constrained security devices

Preda

Cuppens

Cuppens-Boulahia

et al. 2011

Journal of Systems and Software

Self Cite

View full text Add to dashboard Cite

“…However, neither [18] nor [26] give clear indication about the response strategy or the mapping from alerts to countermeasures. [15] and [16] deal with deploying a security policy and with providing responses to security threats. In [16] the threats are modeled as contexts and the IDMEF alerts are mapped to contexts.…”

Section: Related Workmentioning

confidence: 99%

“…[15] and [16] deal with deploying a security policy and with providing responses to security threats. In [16] the threats are modeled as contexts and the IDMEF alerts are mapped to contexts. In [15] not only contexts but new policy instances are derived as a result of IDMEF alerts.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Semantic context aware security policy deployment

Preda¹,

Cuppens²,

Cuppens-Boulahia³

et al. 2009

Proceedings of the 4th International Symposium on Information, Computer, and Communications Security

Self Cite

View full text Add to dashboard Cite

The successful deployment of a security policy is closely related not only to the complexity of the security requirements but also to the capabilities/functionalities of the security devices. The complexity of the security requirements is additionally increased when contextual constraints are taken into account. Such situations appear when addressing the dynamism of some security requirements or when searching a finer granularity for the security rules. The context denotes those specific conditions in which the security requirements are to be met. (Re)deploying a contextual security policy depends on the security device functionalities: either (1) the devices include all functionalities necessary to deal with a context and the policy is consequently deployed for ensuring its automatic changes or (2) the devices do not have the right functionalities to entirely interpret a contextual requirement. We present a solution to cope with this issue: the (re)deployment of access control policies in a system that lacks the necessary functionalities to deal with contexts.

show abstract

“…The two main approaches being used by researchers for establishing security requirements are the threat analysis-based approach and the evaluation criteria-based approach. Threat analysis is essential and has been studied intensively by reseachers (Debar et al, 2006;Thomson & von Solms, 1998;von Solms, 1996;von Solms et al, 1994;White, Fisch, & Pooch, 1996;Whitman, 2004). However, as evaluation processes for computing environment security evolved and computing technologies progressed, the standard evaluation criteria-based approach gained in popularity among researchers.…”

Section: Introductionmentioning

confidence: 99%

Security Functional Components for Building a Secure Network Computing Environment

Singh

Patterh

2007

Information Systems Security

View full text Add to dashboard Cite

It is difficult to define reliable security policy components that should be applied to validate a secure computing environment. The job gets further complicated when one has to deal with multiple policies in single computing environment. This paper demonstrates how we can overcome the difficulties of defining reliable security components by using evaluation criteria. In this paper we use common criteria to derive the security functional components for a multipolicy-based network computing environment. In the verification process, the derived policy components are related to the specific security objectives of the network communication environment. The evidence listed in the case study supports the claims that the proposed network security policy interpretation framework is a complete and cohesive set of requirements.

show abstract

Using Contextual Security Policies for Threat Response

Cited by 15 publications

References 10 publications

Dynamic deployment of context-aware access control policies for constrained security devices

Dynamic deployment of context-aware access control policies for constrained security devices

Semantic context aware security policy deployment

Security Functional Components for Building a Secure Network Computing Environment

Contact Info

Product

Resources

About