Self-configuration of network security

Huoping Chen, Youssif B. Al-Nashif, Guangzhi Qu, Salim A Hariri

Research output: Chapter in Book/Report/Conference proceedingConference contribution

13 Citations (Scopus)

Abstract

The proliferation of networked systems and services along with their exponential growth in complexity and size has increased the control and management complexity of such systems and services by several orders of magnitude. As a result, management tools have failed to cope with and handle the complexity, dynamism, and coordination among network attacks. In this paper, we present a self-configuration approach to control and manage the security mechanisms of large scale networks. Self-configuration enables the system to automatically configure security system and change the configuration of its resources and their operational policies at runtime in order to manage the system security. Our Self-configuration approach is implemented using two software modules: Component Management Interface (CMI) to specify the configuration and operational policies associated with each component that can be a hardware resource or a software component; and Component Runtime Manger (CRM) that manages the component operations using the policies defined in CMI. We have used the Self-configuration framework to experiment with and evaluate different mechanisms and strategies to detect and protect against a wide range of network attacks.

Original languageEnglish (US)
Title of host publicationProceedings - IEEE International Enterprise Distributed Object Computing Workshop, EDOC
Pages97-108
Number of pages12
DOIs
StatePublished - 2007
Event11th IEEE International Enterprise Distributed Object Computing Conference, EDOC 2007 - Annapolis, MD, United States
Duration: Oct 15 2007Oct 19 2007

Other

Other11th IEEE International Enterprise Distributed Object Computing Conference, EDOC 2007
CountryUnited States
CityAnnapolis, MD
Period10/15/0710/19/07

Fingerprint

Network security
Security systems
Hardware
Experiments

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

Chen, H., Al-Nashif, Y. B., Qu, G., & Hariri, S. A. (2007). Self-configuration of network security. In Proceedings - IEEE International Enterprise Distributed Object Computing Workshop, EDOC (pp. 97-108). [4383985] https://doi.org/10.1109/EDOC.2007.4383985

Self-configuration of network security. / Chen, Huoping; Al-Nashif, Youssif B.; Qu, Guangzhi; Hariri, Salim A.

Proceedings - IEEE International Enterprise Distributed Object Computing Workshop, EDOC. 2007. p. 97-108 4383985.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Chen, H, Al-Nashif, YB, Qu, G & Hariri, SA 2007, Self-configuration of network security. in Proceedings - IEEE International Enterprise Distributed Object Computing Workshop, EDOC., 4383985, pp. 97-108, 11th IEEE International Enterprise Distributed Object Computing Conference, EDOC 2007, Annapolis, MD, United States, 10/15/07. https://doi.org/10.1109/EDOC.2007.4383985
Chen H, Al-Nashif YB, Qu G, Hariri SA. Self-configuration of network security. In Proceedings - IEEE International Enterprise Distributed Object Computing Workshop, EDOC. 2007. p. 97-108. 4383985 https://doi.org/10.1109/EDOC.2007.4383985
Chen, Huoping ; Al-Nashif, Youssif B. ; Qu, Guangzhi ; Hariri, Salim A. / Self-configuration of network security. Proceedings - IEEE International Enterprise Distributed Object Computing Workshop, EDOC. 2007. pp. 97-108
@inproceedings{9238bf17ebc34bf6be28f6e6667b979f,
title = "Self-configuration of network security",
abstract = "The proliferation of networked systems and services along with their exponential growth in complexity and size has increased the control and management complexity of such systems and services by several orders of magnitude. As a result, management tools have failed to cope with and handle the complexity, dynamism, and coordination among network attacks. In this paper, we present a self-configuration approach to control and manage the security mechanisms of large scale networks. Self-configuration enables the system to automatically configure security system and change the configuration of its resources and their operational policies at runtime in order to manage the system security. Our Self-configuration approach is implemented using two software modules: Component Management Interface (CMI) to specify the configuration and operational policies associated with each component that can be a hardware resource or a software component; and Component Runtime Manger (CRM) that manages the component operations using the policies defined in CMI. We have used the Self-configuration framework to experiment with and evaluate different mechanisms and strategies to detect and protect against a wide range of network attacks.",
author = "Huoping Chen and Al-Nashif, {Youssif B.} and Guangzhi Qu and Hariri, {Salim A}",
year = "2007",
doi = "10.1109/EDOC.2007.4383985",
language = "English (US)",
isbn = "0769528910",
pages = "97--108",
booktitle = "Proceedings - IEEE International Enterprise Distributed Object Computing Workshop, EDOC",

}

TY - GEN

T1 - Self-configuration of network security

AU - Chen, Huoping

AU - Al-Nashif, Youssif B.

AU - Qu, Guangzhi

AU - Hariri, Salim A

PY - 2007

Y1 - 2007

N2 - The proliferation of networked systems and services along with their exponential growth in complexity and size has increased the control and management complexity of such systems and services by several orders of magnitude. As a result, management tools have failed to cope with and handle the complexity, dynamism, and coordination among network attacks. In this paper, we present a self-configuration approach to control and manage the security mechanisms of large scale networks. Self-configuration enables the system to automatically configure security system and change the configuration of its resources and their operational policies at runtime in order to manage the system security. Our Self-configuration approach is implemented using two software modules: Component Management Interface (CMI) to specify the configuration and operational policies associated with each component that can be a hardware resource or a software component; and Component Runtime Manger (CRM) that manages the component operations using the policies defined in CMI. We have used the Self-configuration framework to experiment with and evaluate different mechanisms and strategies to detect and protect against a wide range of network attacks.

AB - The proliferation of networked systems and services along with their exponential growth in complexity and size has increased the control and management complexity of such systems and services by several orders of magnitude. As a result, management tools have failed to cope with and handle the complexity, dynamism, and coordination among network attacks. In this paper, we present a self-configuration approach to control and manage the security mechanisms of large scale networks. Self-configuration enables the system to automatically configure security system and change the configuration of its resources and their operational policies at runtime in order to manage the system security. Our Self-configuration approach is implemented using two software modules: Component Management Interface (CMI) to specify the configuration and operational policies associated with each component that can be a hardware resource or a software component; and Component Runtime Manger (CRM) that manages the component operations using the policies defined in CMI. We have used the Self-configuration framework to experiment with and evaluate different mechanisms and strategies to detect and protect against a wide range of network attacks.

UR - http://www.scopus.com/inward/record.url?scp=47949089659&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=47949089659&partnerID=8YFLogxK

U2 - 10.1109/EDOC.2007.4383985

DO - 10.1109/EDOC.2007.4383985

M3 - Conference contribution

AN - SCOPUS:47949089659

SN - 0769528910

SN - 9780769528915

SP - 97

EP - 108

BT - Proceedings - IEEE International Enterprise Distributed Object Computing Workshop, EDOC

ER -