KEYWORDS: Network security, Systems modeling, Information security, Computer security, System identification, Data processing, Data modeling, Classification systems, Defense and security, Chemical elements
Today's enterprise networks undergo a relentless barrage of attacks from foreign and domestic adversaries. These
attacks may be perpetrated with little to no funding, but may wreak incalculable damage upon the enterprise's security,
network infrastructure, and services. As more services come online, systems that were once in isolation now provide
information that may be combined dynamically with information from other systems to create new meaning on the fly.
Security issues are compounded by the potential to aggregate individual pieces of information and infer knowledge at a
higher classification than any of its constituent parts.
To help alleviate these challenges, in this paper we introduce the notion of semantic policy and discuss how its use is
evolving from a robust approach to access control to preempting and combating attacks in the cyber domain. The
introduction of semantic policy and adversarial modeling to network security aims to ask 'where is the network most
vulnerable', 'how is the network being attacked', and 'why is the network being attacked'. The first aspect of our
approach is integration of semantic policy into enterprise security to augment traditional network security with an overall
awareness of policy access and violations. This awareness allows the semantic policy to look at the big picture -
analyzing trends and identifying critical relations in system-wide data access.
The second aspect of our approach is to couple adversarial modeling with semantic policy to move beyond reactive
security measures and into a proactive identification of system weaknesses and areas of vulnerability. By utilizing
Bayesian-based methodologies, the enterprise-wide meaning of data and semantic policy is applied to probability and
high-level risk identification. This risk identification will help mitigate potential harm to enterprise networks by enabling
resources to proactively isolate, lock-down, and secure systems that are most vulnerable.