Conferences in Research and Practice in Information Technology
  

Online Version - Last Updated - 20 Jan 2012

 

 
Home
 

 
Procedures and Resources for Authors

 
Information and Resources for Volume Editors
 

 
Orders and Subscriptions
 

 
Published Articles

 
Upcoming Volumes
 

 
Contact Us
 

 
Useful External Links
 

 
CRPIT Site Search
 
    

Mesmerize - an Open Framework for Enterprise Security Management

Bradley, D. and Josang, A.

    We have identified five problems that inhibit effective enterprise security management - policy divide, lack of reproducibility, lack of consistency, lack of coverage and lack of flexibility in current management systems. We discuss these problems and suggest features an enterprise security management framework should have to address them. Mesmerize is an enterprise security management framework that allows holistic enterprise security policy to be interpreted into technology specific directives then translated into device specific configuration. The Mesmerize framework incorporates an information repository, which is accessed and interpreted by manager programs that - in turn - communicate with configuration agents that configure specific devices. The information repository stores network element information as well as security policies that are associated with those network elements. Manager programs make use of the information repository to generate technology specific directives that are sent to configuration agents during policy enforcement. A configuration agent is responsible for translating the technology specific directive into the configuration language of a device or service implementation. Currently we have proof-of-concept management subsystems for IPChains firewalls (IPChains), BIND domain name servers (BIND), and FreeSWAN virtual private network end-points (FreeSWAN).
Cite as: Bradley, D. and Josang, A. (2004). Mesmerize - an Open Framework for Enterprise Security Management. In Proc. Second Australasian Information Security Workshop (AISW2004), Dunedin, New Zealand. CRPIT, 32. Montague, P. and Steketee, C., Eds. ACS. 37-42.
pdf (from crpit.com) pdf (local if available) BibTeX EndNote GS
 

 

ACS Logo© Copyright Australian Computer Society Inc. 2001-2014.
Comments should be sent to the webmaster at crpit@scem.uws.edu.au.
This page last updated 16 Nov 2007