Supporting vulnerability awareness in autonomic networks and systems with OVAL

Authors:
Martín Barrère;Rémi Badonnel;Olivier Festor
Affiliations:
INRIA Nancy Grand Est - LORIA, Villers Les Nancy, France;INRIA Nancy Grand Est - LORIA, Villers Les Nancy, France;INRIA Nancy Grand Est - LORIA, Villers Les Nancy, France
Venue:
Proceedings of the 7th International Conference on Network and Services Management
Year:
2011

Citing 12
Cited 1

A requires/provides model for computer attacks

Proceedings of the 2000 workshop on New security paradigms
Scalable, graph-based network vulnerability analysis

Proceedings of the 9th ACM conference on Computer and communications security
The Vision of Autonomic Computing

Computer
Towards Autonomic Minimization of Security Vulnerabilities Exploitation in Hybrid Network Environments

ICAS-ICNS '05 Proceedings of the Joint International Conference on Autonomic and Autonomous Systems and International Conference on Networking and Services
MulVAL: a logic-based network security analyzer

SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Enabling Self-Configuration in Autonomic Systems Using Case-Based Reasoning with Improved Efficiency

ICAS '08 Proceedings of the Fourth International Conference on Autonomic and Autonomous Systems
ACML: Capability Based Attack Modeling Language

IAS '08 Proceedings of the 2008 The Fourth International Conference on Information Assurance and Security
Dynamic dependencies and performance improvement

LISA'08 Proceedings of the 22nd conference on Large installation system administration conference
Improving IT Change Management Processes with Automated Risk Assessment

DSOM '09 Proceedings of the 20th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management: Integrated Management of Systems, Services, Processes and People in IT
Vulnerability Management

Vulnerability Management
TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection

SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Change Priority Determination in IT Service Management Based on Risk Exposure

IEEE Transactions on Network and Service Management

Collaborative remediation of configuration vulnerabilities in autonomic networks and systems

Proceedings of the 8th International Conference on Network and Service Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

Changes that are operated by autonomic networks and systems may generate vulnerabilities and increase the exposure to security attacks. We present in this paper a new approach for increasing vulnerability awareness in such self-managed environments. Our objective is to enable autonomic networks to take advantage of the knowledge provided by vulnerability descriptions in order to maintain safe configurations. In that context, we propose a modeling and an architecture for automatically translating these descriptions into policy rules that are interpretable by an autonomic configuration system. We also describe an implementation prototype and evaluate its performance through an extensive set of experiments.