Next Article in Journal
Thermalization of Finite Many-Body Systems by a Collision Model
Next Article in Special Issue
From Key Encapsulation to Authenticated Group Key Establishment—A Compiler for Post-Quantum Primitives
Previous Article in Journal
CASMI—An Entropic Feature Selection Method in Turing’s Perspective
Previous Article in Special Issue
Non-Volatile Memory Forensic Analysis in Windows 10 IoT Core
 
Search for Articles:
Title / Keyword
Author / Affiliation
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
Journals
Entropy
Volume 21
Issue 12
10.3390/e21121180
entropy-logo
Submit to this Journal Review for this Journal Edit a Special Issue
Article Menu

Article Menu

share announcement textsms
...
Open AccessArticle

Automatic Translation and Enforcement of Cybersecurity Policies Using A High-Level Definition Language

by Diego Rivera *, Fernando Monje, Victor A. Villagrá, Mario Vega-Barbas, Xavier Larriva-Novo and Julio Berrocal
ETSI de Telecomunicación, Departamento de Ingeniería de Servicios Telemáticos, Universidad Politécnica de Madrid (UPM), Avda. Complutense 30, 28040 Madrid, Spain
*
Author to whom correspondence should be addressed.
Entropy 2019, 21(12), 1180; https://doi.org/10.3390/e21121180
Received: 20 September 2019 / Revised: 15 November 2019 / Accepted: 26 November 2019 / Published: 30 November 2019
(This article belongs to the Special Issue Blockchain: Security, Challenges, and Opportunities)
View Full-Text Download PDF
Browse Figures

Abstract

The increasing number of cyber-attacks, their potential destructive capabilities, and the enormous threat they pose for organizations, require the constant design and development of new, faster, and easier to use systems to address them. The automation of security enforcement systems is one of the most important techniques for enabling a fast response to security challenges, but the complexity of security management might hinder the successful achievement of the desired security. Our proposal integrates the automatic enforcement of security rules based on intrusion detection systems with the definition of a high-level user-centered language for the definition of policies. We have designed a translation process from this language to specific network-wise and device-aware rules that can be installed and enforced. The deployment of these rules is determined by an automatic risk assessment process ruled by the detection system monitoring the network. This way, both the automation and easiness of use goals can be achieved using an integrated system. The solution was tested and validated in two different virtualized networks. View Full-Text
Keywords: cybersecurity; security policies; automatic response systems; firewalls; risk assessment cybersecurity; security policies; automatic response systems; firewalls; risk assessment
Show Figures

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited
SciFeed

Share and Cite

MDPI and ACS Style

Rivera, D.; Monje, F.; Villagrá, V.A.; Vega-Barbas, M.; Larriva-Novo, X.; Berrocal, J. Automatic Translation and Enforcement of Cybersecurity Policies Using A High-Level Definition Language. Entropy 2019, 21, 1180.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Metrics

Article Access Map by Country/Region

1
Back to TopTop