A Multi-Agent Based Framework for Managing Security Policies

Abstract

The revolution of new technologies and internet has motivated organizations expanding their networks to provide more services to customers and employees. Although the benefits gained, organizational assets become more vulnerable. Security become an important concern in today networked environments. As the underlying environments are complicated and dynamic, Security solutions should be flexible, scalable, and can integrate to achieve organizational security needs. Policy-based management, as one of the latest approaches for network, distributed systems, and security management, ia promising solution for the security management problem. It introduces security policies as abstraction of the business needs away from security solutions that implement the business needs. Security policy specification, security policy configuration, security policies conflicts detection, policy enforcement, and deployment are critical issues that need to be clearly defined any policy-based management. With the increase of the organization scale, security officers exert more efforts to cover the organizational security needs and impact of changes in business objectives, hence come the need to automated security policy management system.

The Proposed framework is a new idea in automating the security policy management process. The framework is based on mobile agents. It provides an XML/Ontology-based standard security policy language (SSPL), architecture for deploying policies based on SSPL, security solutions integration interface, and a set of helping tools for specifying and managing policies. The SSPL is aimed to be a standard, formal and readable security policy specification language. It helps in eliminating problems of writing security policies in natural languages or the developed security policy specification languages. The XML technology gives SSPL the formalization (in syntax) while ontology adds the semantics and analyzing capabilities to SSPL.

The proposed architecture simplifies/automates the mapping phase among security policies and security solutions by introducing abstraction tier between policy development tier and security solutions tier and using mobile agents for communication among them. ¬¬¬The proposed security solutions integration interface is a software driver that defines and manages how security solutions integrate with the proposed framework. It acts as a communication channel between the framework and the security solutions deployed.

The framework eliminates ambiguities of using natural languages in specifying security policies, eliminates the needs to learn many of the existing security policy specification languages to be able to specify the whole organizational security policies, eliminates difficulties associated with configuring heterogeneous security solutions, and automates the impact of the changes in security policies configurations. The framework is designed to be as flexible and extensible to cover new policies, new policy domains, and capable to integrate with new security solutions seamlessly.