Multi-Aspect Security Configuration Assessment

Download Now Free registration required

Executive Summary

This paper presents a framework for building security assessment tools able to perform online verification of the security of a system configuration. Heterogeneous data generated from multiple sources are integrated into a homogeneous RDF representation using domain-specific ontologies and used for assessing the security of a configuration toward known attack vectors. Different vocabularies can be defined to express configurations, policies and attacks for each aspect of the security of an organization (e.g., network security, physical security and application level security) in a modular way. By automatically extracting part of the configuration from the network system, the tool is able to detect in near real-time security threats created by configuration changes.

  • Format: PDF
  • Size: 115.3 KB