Visible to the public On the Impact of Generative Policies on Security Metrics

TitleOn the Impact of Generative Policies on Security Metrics
Publication TypeConference Paper
Year of Publication2019
AuthorsVerma, Dinesh, Bertino, Elisa, de Mel, Geeth, Melrose, John
Conference Name2019 IEEE International Conference on Smart Computing (SMARTCOMP)
Date Publishedjun
KeywordsAccess Control, administrative overhead, authorisation, complex systems, computer network management, computer network security, computer security, generative policy based system, Grammar, Manuals, Measurement, policy basedsecurity management, policy-based governance, pubcrawl, security management, security metrics, security policies, security policies generation
AbstractPolicy based Security Management in an accepted practice in the industry, and required to simplify the administrative overhead associated with security management in complex systems. However, the growing dynamicity, complexity and scale of modern systems makes it difficult to write the security policies manually. Using AI, we can generate policies automatically. Security policies generated automatically can reduce the manual burden introduced in defining policies, but their impact on the overall security of a system is unclear. In this paper, we discuss the security metrics that can be associated with a system using generative policies, and provide a simple model to determine the conditions under which generating security policies will be beneficial to improve the security of the system. We also show that for some types of security metrics, a system using generative policies can be considered as equivalent to a system using manually defined policies, and the security metrics of the generative policy based system can be mapped to the security metrics of the manual system and vice-versa.
Citation Keyverma_impact_2019