Implementation of a formal security policy refinement process in WBEM architecture

Abstract

Security mechanisms enforcement consists in configuring devices with the aim that they cooperate and guarantee the defined security goals. In the network context, this task is complex due to the number, the nature, and the interdependencies of the devices to consider. In previous papers, we have proposed a formal framework that focuses on network security information management refinement. The framework includes three abstraction levels: the network security objectives, the network security tactics, and the network security device configurations. The information models of each abstraction level (consistency, correctness and feasibility) are formally specified and analyzed. In this paper we present the integration of this formal refinement process in the WBEM initiative in order to provide a management infrastructure that guarantees the validity of the deployed security configuration