Protecting services from security mis-configuration

Hadaad, Nabeel and Drury, Luke and Addie, Ronald G. (2015) Protecting services from security mis-configuration. In: 25th International Telecommunication Networks and Applications Conference (ITNAC 2015), 18-20 Nov 2015, Sydney, Australia.

Abstract

It is understood that ICT security can be defined and enforced through rules. In this paper, the concept of rules which define and ensure users’ access to services is introduced. Examples of how service is hindered by otherwise sensible security rules are presented. Service protection policies are then described which can help to prevent these compromises to service and assist us to measure this impact where it occurs. These examples include demonstration in some cases of how the combined collection of rules (security and service protection) can be enforced and maintained. The concept of service protection policies is introduced. We use ns3 and Click in simulations to check the consistency of aggregate security policy by checking that service protection rules are valid. We show that these can improve the performance of the network experienced by users and increase network security.


Statistics for USQ ePrint 27809
Statistics for this ePrint Item
Item Type: Conference or Workshop Item (Commonwealth Reporting Category E) (Paper)
Refereed: Yes
Item Status: Live Archive
Additional Information: Permanent restricted access to Published version, in accordance with the copyright policy of the publisher.
Faculty / Department / School: Current - Faculty of Health, Engineering and Sciences - School of Agricultural, Computational and Environmental Sciences
Date Deposited: 30 Jun 2016 00:45
Last Modified: 04 Oct 2017 01:26
Fields of Research : 16 Studies in Human Society > 1602 Criminology > 160206 Private Policing and Security Services
Identification Number or DOI: 10.1109/ATNAC.2015.7366799
URI: http://eprints.usq.edu.au/id/eprint/27809

Actions (login required)

View Item Archive Repository Staff Only