[announce] NYCBUG: Wednesday, March 7 at the Apple Store

[NYC*BUG Announcements]

March 07, 2007

Matthew Burnside: Integrated Enterprise Security Mgmt

6:30 pm, Soho Apple Store at 103 Prince Street

Integrated Enterprise Security Management

Security policies are a key component in protecting enterprise  
networks. But, while there are many diverse defensive options  
available, current models and mechanisms for mechanically-enforced  
security policies are limited to traditional admission-based access  
control. Defensive capabilities include among others logging,  
firewalls, honeypots, rollback/recovery, and intrusion detection  
systems, while policy enforcement is essentially limited to one-off  
access control. Furthermore, access-control mechanisms operate  
independently on each service, which can (and often does) lead to  
inconsistent or incorrect application of the intended system-wide  
policy. We propose a new scheme for global security policies. Every  
policy decision is made with near-global knowledge, and re-evaluated  
as global knowledge changes. Using a variety of actuators, we make  
the full array of defensive capabilities available to the global  
policy. Our goal is a coherent, enterprise-wide response to any  
network threat.

Biography

Matthew Burnside is a Ph.D. student in the Computer Science  
department at Columbia University, in New York. He works for  
Professor Angelos Keromytis in the Network Security Lab. He received  
his B.A and M.Eng from MIT in 2000, and 2002, respectively. His main  
research interests are in computer security, trust management, and  
network anonymity.