A Computer Network Defense Policy Refinement Method
Zhao Wei¹, Yanli Lv², Chunhe Xia¹, Yang Luo¹, and Qing Wei¹
¹ Key Laboratory of Beijing Network Technology,
School of Computer Science and Engineering, Beihang University, Beijing, China
² Information Center of Ministry of Science and Technology, The Ministry of Science
and Technology of the People's Republic of China, Beijing, China
wz@cse.buaa.edu.cn, lvyl@most.cn, xch@buaa.edu.cn,
veotax@sae.buaa.edu.cn, wq2012_buaa@163.com
Abstract. The existing methods of policy refinement in computer network
defense (CND) can only support the refinement of access control policy, but not
the policies of protection, detection, response, and recovery. To solve this
problem, we constructed a computer network defense policy refinement model and
its formalism specification. An algorithm of defense policy refinement is
designed. Finally, the effectiveness of our methods was verified through one
experiment case of composition policies with intrusion detection, vulnerability
detection, and access control.
Keywords: computer network defense, formalism specifications, policy
refinement, semantic consistency.
1 Introduction
Growing network information systems and the emergence of new technologies such as
cloud computing and big data pose a huge challenge to the efficiency and
accuracy of network management. Traditional manual network security management is
time-consuming and error-prone in large-scale network
systems. To solve these problems, researchers have proposed policy-based
architectures [1] and policy-driven management methods [2] to simplify the management of
complicated and distributed network systems, such as cloud frameworks [3].
An administrator may specify the targets and constraints only in the form of policy. A
policy can be defined as a set of rules. These rules are used to express how to reach a
desired behavior. Policy refinement can complete this process. Policy refinement is the
process of transforming high-level abstract policies into low-level concrete ones [4].
Because the policy refinement process is complicated and some of its steps
require manual operation, some researchers have proposed automatic policy refinement
methods in different fields, such as policy refinement for usage control policies [5].
References [6-7] discuss policy refinement methods in network security
management. However, these policy refinement methods only support the refinement
of access control policies, not defense policies such as detection and recovery
policies.
 