[announce] NYC*BUG Tonight

[NYC*BUG Announcements]

March 07, 2007

Matthew Burnside: Integrated Enterprise Security Mgmt

6:30 pm, Soho Apple Store at 103 Prince Street

Integrated Enterprise Security Management

Security policies are a key component in protecting enterprise networks.
But, while there are many diverse defensive options available, current
models and mechanisms for mechanically-enforced security policies are
limited to traditional admission-based access control. Defensive
capabilities include among others logging, firewalls, honeypots,
rollback/recovery, and intrusion detection systems, while policy
enforcement is essentially limited to one-off access control.
Furthermore, access-control mechanisms operate independently on each
service, which can (and often does) lead to inconsistent or incorrect
application of the intended system-wide policy. We propose a new scheme
for global security policies. Every policy decision is made with
near-global knowledge, and re-evaluated as global knowledge changes.
Using a variety of actuators, we make the full array of defensive
capabilities available to the global policy. Our goal is a coherent,
enterprise-wide response to any network threat.

Biography

Matthew Burnside is a Ph.D. student in the Computer Science department
at Columbia University, in New York. He works for Professor Angelos
Keromytis in the Network Security Lab. He received his B.A and M.Eng
from MIT in 2000, and 2002, respectively. His main research interests
are in computer security, trust management, and network anonymity.