Titre : |
Policy Mining: a Bottom-Up Approach for Network Security Management |
Type de document : |
thèse |
Auteurs : |
Safaà HACHANA, Auteur ; Yamine AIT AMEUR, Directeur de thèse ; Frédéric CUPPENS, Directeur de thèse ; Nora CUPPENS-BOULAHIA, Directeur de thèse ; LIAS UR 20299 UP-ENSIP / ISAE-ENSMA, Commanditaire ; Refik MOLVA, Rapporteur ; Mohand-Saïd HACID, Rapporteur ; Radu STATE, Examinateur ; Ladjel BELLATRÈCHE, Examinateur ; Stéphane MORUCCI, Examinateur |
Importance : |
122 p. + suppl. 46 p. |
Note générale : |
NNT 2014ESMA0017
Abstract
Résumé
Contents
List of figures
List of tables
List of algorithms
Bibliography
List of publications
Appendix |
Langues : |
Anglais (eng) |
Catégories : |
Boole, Algèbre de Coupe-feu (sécurité informatique) Entreprises:Réseaux d'ordinateurs Exploration de données Langages d'interrogation Ordinateurs:Accès:Contrôle Systèmes informatiques:Mesures de sûreté
|
Résumé : |
INTRODUCTION
Contribution
Outline of the thesis
TOWARD A MODEL BASED APPROACH FOR NETWORK ACCESS CONTROL MANAGEMENT
Firewall management approaches in literature
Top-down and bottom-up framework for a model driven network security policy management
Conclusion and key unhandled issues
ROLE MINING
Overview of role mining process
Preprocessing stage
Role mining processing: extracting roles
Assessment and enforcement
Synthesis and discussion
Conclusion and key unhandled issues
FIREWALL POLICY MINING
Formalization of the approach proposed
Policy mining solution
Example
Conclusion and perspectives
MINING A HIGH LEVEL ACCESS CONTROL POLICY IN A ANETWORK WITH MULTIPLE FIREWALLS
A bottom-up framework to mine a model based network security policy
Integrating abstract entities
Integrating abstract rules
Example
Conclusion and perspectives
ROLE SET COMPARISON ANALYSIS
Motivation
Role set comparison problem
Role set comparison solution
Conclusion and perspectives
SHADOWED ROLES DETECTION
Correlation between shadowed roles and role set comparison results
Definition of shadowed roles
Shadowed roles retection algorithm
Conclusion
EXPERIMENTAL EVALUATION
Platform of test
Experiments with role set comparison algorithm
Experiments with shadowed roles detection algorithm
Experiments with policy minig algorithm
Multiple firewalls policy mining experiments
Conclusion
CONCLUSION AND PERSPECTIVES |
En ligne : |
https://tel.archives-ouvertes.fr/tel-01129078 |