Next Article in Journal
Thermalization of Finite Many-Body Systems by a Collision Model
Next Article in Special Issue
From Key Encapsulation to Authenticated Group Key Establishment—A Compiler for Post-Quantum Primitives
Previous Article in Journal
CASMI—An Entropic Feature Selection Method in Turing’s Perspective
Previous Article in Special Issue
Non-Volatile Memory Forensic Analysis in Windows 10 IoT Core
Open AccessArticle

Automatic Translation and Enforcement of Cybersecurity Policies Using A High-Level Definition Language

ETSI de Telecomunicación, Departamento de Ingeniería de Servicios Telemáticos, Universidad Politécnica de Madrid (UPM), Avda. Complutense 30, 28040 Madrid, Spain
*
Author to whom correspondence should be addressed.
Entropy 2019, 21(12), 1180; https://doi.org/10.3390/e21121180
Received: 20 September 2019 / Revised: 15 November 2019 / Accepted: 26 November 2019 / Published: 30 November 2019
(This article belongs to the Special Issue Blockchain: Security, Challenges, and Opportunities)
The increasing number of cyber-attacks, their potential destructive capabilities, and the enormous threat they pose for organizations, require the constant design and development of new, faster, and easier to use systems to address them. The automation of security enforcement systems is one of the most important techniques for enabling a fast response to security challenges, but the complexity of security management might hinder the successful achievement of the desired security. Our proposal integrates the automatic enforcement of security rules based on intrusion detection systems with the definition of a high-level user-centered language for the definition of policies. We have designed a translation process from this language to specific network-wise and device-aware rules that can be installed and enforced. The deployment of these rules is determined by an automatic risk assessment process ruled by the detection system monitoring the network. This way, both the automation and easiness of use goals can be achieved using an integrated system. The solution was tested and validated in two different virtualized networks. View Full-Text
Keywords: cybersecurity; security policies; automatic response systems; firewalls; risk assessment cybersecurity; security policies; automatic response systems; firewalls; risk assessment
Show Figures

Figure 1

MDPI and ACS Style

Rivera, D.; Monje, F.; Villagrá, V.A.; Vega-Barbas, M.; Larriva-Novo, X.; Berrocal, J. Automatic Translation and Enforcement of Cybersecurity Policies Using A High-Level Definition Language. Entropy 2019, 21, 1180.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop