TY  - JOUR
T1  - A CIM Based Security Policy Refinement Process from Security Objectives to Concrete Configurations
AU - Kalam, Anas Abou El AU - Leroy, Jean-Philippe AU - Bessa, Larbi AU - Mahe, Jean-Marie 
JO  - International Journal of Soft Computing
VL  - 10
IS  - 6
SP  - 369
EP  - 382
PY  - 2015
DA  - 2001/08/19
SN  - 1816-9503
DO  - ijscomp.2015.369.382
UR  - https://makhillpublications.co/view-article.php?doi=ijscomp.2015.369.382
KW  - Security management
KW  -security policy
KW  -CIM (Common Information Model)
KW  -MDA
KW  -performance
AB  - Managing security and configuration in a large scale distributed network is a labor-intensive task, error prone and time-consuming. This is mainly due to the large number and the complexity of security mechanisms that need to be enforced in order to meet the security goals. The misconfiguration of a single security component out of hundreds may cause failures, mainly related to availability, integrity, confidentiality and performance. In this study, we introduce a global framework based on Common Information Model (DMTF CIM) and Model-Driven Architecture (MDA) concepts to address the problem of security policy refinement process. The main goal is to automatize, enhance and simplify the different functions related to security configuration management which is generally manually performed and qualified as a hard-task, especially for large scale networks and systems. The proposed framework includes tree levels of abstraction to bridge the gap between high-level security policies and low-level ones that represent concrete configurations. Moreover, it integrates conflicting resolution mechanisms and proposes an open source based implementation.
ER  -