Proactive monitoring of security policy accomplishment in computer networks

One of topical tasks of policy-based security management is checking that the security policy stated in organization corresponds to its implementation in the computer network. The paper considers an approach to proactive monitoring of security policy performance and security mechanisms functioning. This approach is based on different strategies of automatic imitation of possible users´ actions in the computer network, including exhaustive search, express-analysis and generating the optimized test sequences. It is applicable to different security policies. The paper describes stages, generalized algorithms and main peculiarities of the suggested approach and formal methods used to fulfill the test sequence optimization. We consider the generalized architecture of the proactive monitoring system ¿proactive security scanner¿ (PSC) developed and its implementation.