| Policy-based security management represents the new and developing trend of security management, which can significantly increase the efficiency of security management and lighten the security administrator’s burden. However, the existing policy-based security management frameworks are lack of self-management and self-adaption, and are unable to response to the security state promptly and effectively after policy enforcement. This paper has made a thorough study on these issues above. The main works are as follows:1. The policy management framework based on feedback mechanism is proposed. Aiming at the problem that the current framework can not provide dynamic and flexible support to policy self-adjusting, a policy management framework based on feedback mechanism is constructed which added policy feedback point based on IETF policy management framework. The framework improves the management efficiency and effect by work with policy decision point and policy enforcement point. At the same time, the policy management protocol clusters are proposed, through which policy can be sent down automatically and the dynamic, flexible policy management is achieved.2. The event correlation policy feedback algorithm based on plan recognition is proposed. As the current policy management is short of consideration about policy feedback, this paper proposes a feedback policy description method oriented to event, designs event correlation security policy feedback mechanism, proposes the event correlation policy feedback algorithm based on plan recognition by using the advantage of disposing incomplete information of plan recognition. This algorithm treats the system audit logs and security states as the source of feedback, and produces the target events by using the event analysis module which can standardize the origin events and the event correlation module which can make correlation reasoning. Finally, the feedback policies are distributed and enforced by searching in the target event code database and security policy database, which makes up the self-adaption shortage of security management.3. The weight matrix of policy self-adaption algorithm based on BP neural network is proposed. Aim to the difficulty that policy management can not adjust its security policy fast and effectively, to response to the change of system security state, this paper puts forward the weight matrix of policy self-adaption algorithm based on BP neural network. This algorithm takes full advantage of nerve network’s self-learning and self-adjusting ability and assesses the importance of policy condition set affecting the system’s security function. Then, the policies applied to information system are adjusted in accordance with the weight matrix of policy condition set to adapt to the system’s security requirement and the change of system’s state, eventually meeting the system security need.4. The prototype of security policy management is designed and realized. This paper has designed the structure of security policy management system and elaborated on the process of designing and realizing of policy avengement terminal, policy management server and policy management agent. Then, all of above have purified on the Windows host.The work in this paper has given technical support to the theory unified policy management theory, and provided an important platform for the practice of insuring the system security for security management users. |
PDF Full Text Request