DocumentCode :
3003281
Title :
Arachne: Integrated Enterprise Security Management
Author :
Burnside, Matthew ; Keromytis, Angelos D.
fYear :
2007
fDate :
20-22 June 2007
Firstpage :
214
Lastpage :
220
Abstract :
Security policies are a key component in protecting enterprise networks. There are many defensive options available to these policies, but current mechanically-enforced security policies are limited to traditional admission-based access control. There are defensive capabilities available that include logging, firewalls, honeypots, rollback/recovery, and intrusion detection systems, but policy enforcement is essentially limited to allow/deny semantics. Furthermore, access-control mechanisms operate independently on each service, which often leads to inconsistent or incorrect application of the intended system-wide policy. To begin to solve these problems, we propose a new system for defense-in-depth using global security policies. Under a global security policy, every policy decision is made with near-global knowledge, and re-evaluated as global knowledge changes, given an initial configuration provided by the administrator. Using a variety of actuators, we make the full array of defensive capabilities available to the global policy. We outline our proposal for enterprise-wide security policies, explore the design space, and discuss Arachne, our prototype implementation.
Keywords :
access control; security of data; telecommunication security; Arachne; admission-based access control; enterprise networks; enterprise-wide security; global knowledge; global security policies; integrated enterprise security management; policy decision; system-wide policy; Data security; Databases; IP networks; Information security; Intrusion detection; Modems; Prototypes; Space exploration; Tellurium; Web server;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Information Assurance and Security Workshop, 2007. IAW '07. IEEE SMC
Conference_Location :
West Point, NY
Print_ISBN :
1-4244-1304-4
Electronic_ISBN :
1-4244-1304-4
Type :
conf
DOI :
10.1109/IAW.2007.381935
Filename :
4267563