El Kalam A.A.,IPI LISER Propedia |
Leroy J.-P.,IPI LISER Propedia |
Bessa L.,IPI LISER Propedia |
Mahe J.-M.,IPI LISER Propedia
International Journal of Soft Computing | Year: 2015
Managing security and configuration in a large scale distributed network is a labor-intensive task, error prone and time-consuming. This is mainly due to the large number and the complexity of security mechanisms that need to be enforced in order to meet the security goals. The mis configuration of a single security component out of hundreds may cause failures, mainly related to availability, integrity, confidentiality and performance. In this study, we introduce a global framework based on Common Information Model (DMTF CIM) and Model-Driven Architecture (MDA) concepts to address the problem of security policy refinement process. The main goal is to automatize, enhance and simplify the different functions related to security configuration management which is generally manually performed and qualified as a hard-task, especially for large scale networks and systems. The proposed framework includes tree levels of abstraction to bridge the gap between high-level security policies and low-level ones that represent concrete configurations. Moreover, it integrates conflicting resolution mechanisms and proposes an open source based implementation. © Medwell Journals, 2015.