STARTS: A decision support architecture for dynamic security configuration management

Configuration of security controls is either static or event driven (such as an incident or in response to recommendations from a risk assessment exercise) in most organizations. These approaches do not adequately protect the organization because threats to information are ever changing and dynamic in nature. STARTS is a decision support architecture for dynamic security management. It is the first security architecture that proposes the use of statistical design of experiments technique for dynamic security configuration adjustment. This is accomplished through ongoing statistical analysis using control sensors. These sensors collaborate with each other on an ongoing basis via a Plackett-Burman matrix and generate recommendations on the adjustments that need to take place in the security configuration to respond to changing threats. In this paper, we describe the STARTS architecture as well as the results from its preliminary implementation.