20 research outputs found

    Security Policy Consistency

    With the advent of wide security platforms able to express simultaneously all the policies comprising an organization's global security policy, the problem of inconsistencies within security policies becomes harder and more relevant. We have defined a tool based on the CHR language which is able to detect several types of inconsistencies within and between security policies and other specifications, namely workflow specifications. Although the problem of security conflicts has been addressed by several authors, to our knowledge none has addressed the general problem of security inconsistencies, on its several definitions and target specifications.
    Comment: To appear in the first CL2000 workshop on Rule-Based Constraint Reasoning and Programming

    Path-based Access Control for Enterprise Networks

    Enterprise networks are ubiquitous and increasingly complex. The mechanisms for defining security policies in these networks have not kept up with the advancements in networking technology. In most cases, system administrators must define policies on a per-application basis, and subsequently, these policies do not interact. For example, there is no mechanism that allows a firewall to communicate decisions based on its ruleset to a web server behind it, even though decisions being made at the firewall may be relevant to decisions made at the web server. In this paper, we describe a path-based access control system which allows applications in a network to pass access-control-related information to neighboring applications, as the applications process requests from outsiders and from each other. This system defends networks against a class of attacks wherein individual applications may make correct access control decisions but the resulting network behavior is incorrect. We demonstrate the system on service-oriented architecture (SOA)-style networks, in two forms, using graph-based policies, and leveraging the KeyNote trust management system.

    Exploring the firewall security consistency in cloud computing during live migration

    Virtualization technology adds great opportunities and challenges to the cloud computing paradigm. Resource management can be efficiently enhanced by employing Live Virtual Machine Migration (LVMM) techniques. Based on the literature of LVMM implementation in the virtualization environment, middle-boxes such as firewalls do not work effectively after LVMM as it introduces dynamic changes in network status and traffic, which may lead to critical security vulnerabilities. One key security hole is that the security context of the firewall does not move with the Virtual Machine after LVMM is triggered. This leads to inconsistency in the firewall level of protection of the migrated Virtual Machine. There is a lack in the literature of practical studies that address this problem in cloud computing platforms. This paper demonstrates a practical analysis using an OpenStack testbed to study the firewalls' limitations in protecting virtual machines after LVMM. Two network scenarios are used to evaluate this problem. The results show that the security context problem does not exist in the stateless firewall but can exist in the stateful firewall.

    Dynamic Trust Management


    Automatic Verification of Conformance of Firewall Configurations to Security Policies

    The configuration of firewalls is highly error prone and automated solutions are needed in order to analyze its correctness. We propose a formal and automatic method for checking whether a firewall reacts correctly with respect to a security policy given in a high-level declarative language. When errors are detected, some feedback is returned to the user in order to correct the firewall configuration. Furthermore, the procedure verifies that no conflicts exist within the security policy. We show that our method is both correct and complete. Finally, it has been implemented in a prototype of verifier based on a satisfiability solver modulo theories (SMT). Experiments conducted on relevant case studies demonstrate the efficiency and scalability of the approach.

    Organizational and Team Culture as Antecedents of Protection Motivation Among IT Employees

    The rapid development of technology and information systems has led to higher information security-related issues in an organization. The age of remote working (i.e., telecommuting) has further increased information security related incidents that need to be adequately addressed. This paper extends the protection motivation theory by drawing insights from organizational and institutional theory literature to examine how organizational culture and subcultures such as team culture impact information security compliance. The primary objective of this study is to understand the impact of the dimensions of organizational culture and team culture on employees’ perceived threats and coping motivation associated with information security compliance. The study applied structural equation modeling to analyze survey responses of 341 IT employees in the United States. The result of the study indicates that both organization and team culture impact employees’ perception to appraise threat and coping, which in turn impacts behavioral intention to comply with information security policies. The findings of this study contribute to the information security compliance research by demonstrating the importance of developing an information security culture within an organization and its subgroups.

    Dynamic Secure Interconnection for Security Enhancement in Cloud Computing

    Cloud computing brings efficiency improvement on resource utilization and other benefits such as on-demand service provisioning, location independence and ubiquitous access, elastic resource pooling, pay as usage pricing mode, etc. However, it also introduces new security issues because the data management and ownership are separated, and the management is operated on a virtualized platform. In this paper, a novel dynamic secure interconnection (DSI) mechanism is proposed to isolate the cloud computing system into a couple of dynamic virtual trust zones with different security policies implemented for different customers so as to enhance security. Experimental results are presented to demonstrate the feasibility and effectiveness of the DSI mechanism.

    When risk does not trigger policy change: the case of Georgia's approach to the protection of critical infrastructure

    As the world becomes more dependent on technology and interconnected systems, the need for robust critical infrastructure protection measures has become increasingly important for countries worldwide. Protecting critical infrastructure, such as pipelines, railways, networks of telecommunication, and many more, is vital for safeguarding essential systems and services from different threats, such as cyber-attacks, physical threats, natural disasters, and so on, ensuring the continuity of daily life and national security. Against this background, this study seeks to explore the continuity of policy in Georgia regarding critical infrastructure protection, or in fact the absence of a policy for critical infrastructure protection, since in the time period of interest for this study, no such policy has been developed. The fact that there is no legal framework that regulates this issue seems puzzling, given both the rising significance of this all over the world and the security threats faced by Georgia in the last two decades. In order to understand the reasons behind the continued absence of a legal framework for critical infrastructure protection, this thesis employs the theories of policy change and non-change to look for possible factors hindering policy change in Georgia. Utilizing elite and expert interviews together with legal documents of Georgia, this thesis came to the conclusion that the prime reason for the enduring absence of a policy framework regarding critical infrastructure protection is the historical legacies of Georgian policy-making, which contain several themes and topics such as general neglect towards security issues and the path-dependent nature of institutions. This means that the historical institutionalist account seems particularly well suited to account for the enduring absence of such a policy framework in Georgia.