From announce at lists.nycbug.org Mon Mar 5 20:55:57 2007 From: announce at lists.nycbug.org (NYC*BUG Announcements) Date: Mon, 5 Mar 2007 20:55:57 -0500 Subject: [announce] NYCBUG: Wednesday, March 7 at the Apple Store Message-ID: March 07, 2007 Matthew Burnside: Integrated Enterprise Security Mgmt 6:30 pm, Soho Apple Store at 103 Prince Street Integrated Enterprise Security Management Security policies are a key component in protecting enterprise networks. But, while there are many diverse defensive options available, current models and mechanisms for mechanically-enforced security policies are limited to traditional admission-based access control. Defensive capabilities include among others logging, firewalls, honeypots, rollback/recovery, and intrusion detection systems, while policy enforcement is essentially limited to one-off access control. Furthermore, access-control mechanisms operate independently on each service, which can (and often does) lead to inconsistent or incorrect application of the intended system-wide policy. We propose a new scheme for global security policies. Every policy decision is made with near-global knowledge, and re-evaluated as global knowledge changes. Using a variety of actuators, we make the full array of defensive capabilities available to the global policy. Our goal is a coherent, enterprise-wide response to any network threat. Biography Matthew Burnside is a Ph.D. student in the Computer Science department at Columbia University, in New York. He works for Professor Angelos Keromytis in the Network Security Lab. He received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His main research interests are in computer security, trust management, and network anonymity. From announce at lists.nycbug.org Wed Mar 7 10:59:40 2007 From: announce at lists.nycbug.org (NYC*BUG Announcements) Date: Wed, 07 Mar 2007 10:59:40 -0500 Subject: [announce] NYC*BUG Tonight Message-ID: <45EEE16C.7050200@ceetonetechnology.com> March 07, 2007 Matthew Burnside: Integrated Enterprise Security Mgmt 6:30 pm, Soho Apple Store at 103 Prince Street Integrated Enterprise Security Management Security policies are a key component in protecting enterprise networks. But, while there are many diverse defensive options available, current models and mechanisms for mechanically-enforced security policies are limited to traditional admission-based access control. Defensive capabilities include among others logging, firewalls, honeypots, rollback/recovery, and intrusion detection systems, while policy enforcement is essentially limited to one-off access control. Furthermore, access-control mechanisms operate independently on each service, which can (and often does) lead to inconsistent or incorrect application of the intended system-wide policy. We propose a new scheme for global security policies. Every policy decision is made with near-global knowledge, and re-evaluated as global knowledge changes. Using a variety of actuators, we make the full array of defensive capabilities available to the global policy. Our goal is a coherent, enterprise-wide response to any network threat. Biography Matthew Burnside is a Ph.D. student in the Computer Science department at Columbia University, in New York. He works for Professor Angelos Keromytis in the Network Security Lab. He received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His main research interests are in computer security, trust management, and network anonymity.