Automated Security Management, 1st Edition

  • Published By:
  • ISBN-10: 3319014331
  • ISBN-13: 9783319014333
  • DDC: 005.8
  • Grade Level Range: College Freshman - College Senior
  • 187 Pages | eBook
  • Original Copyright 2013 | Published/Released April 2014
  • This publication's content originally published in print form: 2013

  • Price:  Sign in for price



In this contributed volume, leading international researchers explore configuration modeling and checking, vulnerability and risk assessment, configuration analysis, and diagnostics and discovery. The authors equip readers to understand automated security management systems and techniques that increase overall network assurability and usability. These constantly changing networks defend against cyber attacks by integrating hundreds of security devices such as firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization/RBAC servers, and crypto systems. Automated Security Management presents a number of topics in the area of configuration automation. Early in the book, the chapter authors introduce modeling and validation of configurations based on high-level requirements and discuss how to manage the security risk as a result of configuration settings of network systems. Later chapters delve into the concept of configuration analysis and why it is important in ensuring the security and functionality of a properly configured system. The book concludes with ways to identify problems when things go wrong and more. A wide range of theoretical and practical content make this volume valuable for researchers and professionals who work with network systems.

Table of Contents

Front Cover.
Half Title Page.
Title Page.
Copyright Page.
1: Configuration Modeling and Checking.
2: Towards a Unified Modeling and Verification of Network and System Security Configurations.
3: Modeling and Checking the Security of DIFC System Configurations.
4: Vulnerability and Risk Assessment.
5: Increasing Android Security Using a Lightweight OVAL-Based Vulnerability Assessment Framework.
6: A Declarative Logic-Based Approach for Threat Analysis of Advanced Metering Infrastructure.
7: Risk Based Access Control Using Classification.
8: Configuration Analytics.
9: GCNav: Generic Configuration Navigation System.
10: The Right Files at the Right Time.
11: Rule Configuration Checking in Secure Cooperative Data Access.
12: Diagnostics and Discovery.
13: Programmable Diagnostic Network Measurement with Localization and Traffic Observation.
14: Discovery of Unexpected Services and Communication Paths in Networked Systems.
15: Tracing Advanced Persistent Threats in Networked Systems.