Model-Based Validation of Enterprise Access Policies
Click here to download now
Overview: This white papers presents a model-driven technique for automated policy-based access analysis. Based on the ideas presented in this paper, a prototype is built, the Integrated Security Management (ISM) system which, given the security configurations of hosts, applications and network devices, automatically validates whether the enterprise is in compliance with high-level enterprise access policy. The system relies on composable models that capture the access control semantics of applications, middleware and devices, in a manner that enables efficient enterprise scale analysis.