Sciweavers

ICC
2009
IEEE

Policy-Based Security Configuration Management, Application to Intrusion Detection and Prevention

13 years 10 months ago
Policy-Based Security Configuration Management, Application to Intrusion Detection and Prevention
Intrusion Detection and/or Prevention Systems (IDPS) represent an important line of defense against the variety of attacks that can compromise the security and well functioning of an enterprise information system. IDPSes can be network or host-based and can collaborate in order to provide better detections of malicious traffic. Although several IDPS systems have been proposed, their appropriate configuration and control for effective detection and prevention of attacks has always been far from trivial. Another concern is related to the slowing down of system performance when maximum security is applied, hence the need to trade off between security enforcement levels and the performance and usability of an enterprise information system. In this paper we motivate the need for and present a policy-based framework for the configuration and control of the security enforcement mechanisms of an enterprise information system. The approach is based on dynamic adaptation of security measures ba...
Khalid Alsubhi, Issam Aib, Jérôme Fra
Added 18 Feb 2011
Updated 18 Feb 2011
Type Journal
Year 2009
Where ICC
Authors Khalid Alsubhi, Issam Aib, Jérôme François, Raouf Boutaba
Comments (0)