next up previous contents
Next: 2.1.1 The monitoring application Up: 2. An adaptive security Previous: 2. An adaptive security

2.1 Components of an adaptive security system

The idea behind a dynamic system is that it contains some form of logic to decide what actions to take based on an analysis of the information that is being provided. This information is ideally gathered in real-time by some sort of monitoring system. The decisions of the system are then to be enforced. This could be done manually, as most of the security enforcing systems like firewalls or authentication software are already supposed to be there. However, in order to react in real-time an automated solution is needed. This would also reduce the chance of human errors in reconfiguring the devices.

In order to make a correct decision, the analysing system needs basic information about the environment it is watching and about the situations that require it to take action. Basically, information about the environment is the output from the risk analysis stage. The decision rules are derived from a security policy. Once a specific decision has been taken one might be interested to know what the decision was and what the reasons were for the specific action to be selected.

The whole system might require the aid from other systems to be able to operate correctly and in a secure fashion. Also, it might be interesting to couple similar systems together for improved manageability.

Based upon this description, we will now identify the components that are needed to provide a coherent modular dynamic security system.

Figure 2.1 can serve as guidance to the following paragraphs.

  
Figure 2.1: The adaptive security management framework
\resizebox*{1\textwidth}{!}{\includegraphics{ans_general_model_0.eps}}




 
next up previous contents
Next: 2.1.1 The monitoring application Up: 2. An adaptive security Previous: 2. An adaptive security
(c) 1998, Filip Schepers