CORE
🇺🇦
make metadata, not war
Services
Services overview
Explore all CORE services
Access to raw data
API
Dataset
FastSync
Content discovery
Recommender
Discovery
OAI identifiers
OAI Resolver
Managing content
Dashboard
Bespoke contracts
Consultancy services
Support us
Support us
Membership
Sponsorship
Community governance
Advisory Board
Board of supporters
Research network
About
About us
Our mission
Team
Blog
FAQs
Contact us
Efficient Semantic Representation of Network Access Control Configuration for Ontology-based Security Analysis
Authors
Jürgen Beyerer
Florian Patzer
Publication date
27 October 2021
Publisher
SciTePress
Doi
Cite
Abstract
Assessing countermeasures and the sufficiency of security-relevant configurations within networked system architectures is a very complex task. Even the configuration of single network access control (NAC) instances can be too complex to analyse manually. Therefore, model-based approaches have manifested themselves as a solution for computer-aided configuration analysis. Unfortunately, current approaches suffer from various issues like coping with configuration-language heterogeneity or the analysis of multiple NAC instances as one overall system configuration, which is the case for the maturity of analysis goals. In this paper, we show how deriving and modelling NAC configurations’ effects solves the majority of these issues by allowing generic and simplified security analysis and model extension. The paper further presents the underlying modelling strategy to create such configuration effect representations (hereafter referred to as effective configuration) and explains how analyses based on previous approaches can still be performed. Moreover, the linking between rule representations and effective configuration is demonstrated, which enables the tracing of issues, found in the effective configuration, back to specific rules. Copyright © 2021 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserve
Similar works
Full text
Open in the Core reader
Download PDF
Available Versions
KITopen
See this paper in CORE
Go to the repository landing page
Download from data provider
oai:EVASTAR-Karlsruhe.de:10001...
Last time updated on 12/12/2021