| The need for adaptive security mechanisms is growing, driven by the increasing automation and modularity of attack tools, the prevalence of dynamic service-oriented architectures and the greater availability of network analysis data. In order to facilitate the evaluation and enforcement of access control policies based on real-time analysis data, a framework for the collection, analysis and dissemination of security data is proposed. In demonstrating its implementation, the framework is integrated with a web server and is used to provide a quantitative risk assessment based on data from vulnerability exploitation attempts. While maintaining high availability for non-affected entities, the percentage of denied intrusive requests is increased by triggering more restrictive permissioning in the face of escalating risk from external nodes and to system resources. A detailed performance analysis is also conducted that compares the proposed framework with an ordinary webserver and demonstrates the ability of the framework to handle high request loads in excess of one million transactions per day. |
