DocumentCode
1220609
Title
SAT-solving approaches to context-aware enterprise network security management
Author
Homer, John ; Ou, Xinming
Author_Institution
Kansas State Univ., Manhattan, KS
Volume
27
Issue
3
fYear
2009
fDate
4/1/2009 12:00:00 AM
Firstpage
315
Lastpage
322
Abstract
Enterprise network security management is a complex task of balancing security and usability, with trade-offs often necessary between the two. Past work has provided ways to identify intricate attack paths due to misconfiguration and vulnerabilities in an enterprise system, but little has been done to address how to correct the security problems within the context of various other requirements such as usability, ease of access, and cost of countermeasures. This paper presents an approach based on Boolean satisfiability solving (SAT solving) that can reason about attacks, usability requirements, cost of actions, etc. in a unified, logical framework. Preliminary results show that the approach is both effective and efficient.
Keywords
computer network management; risk analysis; telecommunication security; Boolean satisfiability solving; computer network management; computer network security; context-aware enterprise network security management; risk analysis; Application software; Computer network management; Computer networks; Computer security; Costs; Humans; Information security; National security; Risk analysis; Usability; Boolean Satisfiability Problem (SAT), Computer Network Management, Computer Network Security, Risk Analysis, Security;
fLanguage
English
Journal_Title
Selected Areas in Communications, IEEE Journal on
Publisher
ieee
ISSN
0733-8716
Type
jour
DOI
10.1109/JSAC.2009.090407
Filename
4808475
Link To Document