Distributed Security Policy Conformance

  • Mirko Montanari
  • Ellick Chan
  • Kevin Larson
  • Wucherl Yoo
  • Roy H. Campbell
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 354)


Security policy conformance is a crucial issue in large-scale critical cyber-infrastructure. The complexity of these systems, insider attacks, and the possible speed of an attack on a system necessitate an automated approach to assure a basic level of protection.

This paper presents Odessa, a resilient system for monitoring and validating the compliance of networked systems with complex policies. To manage the scale of infrastructure systems and to avoid single points of failure or attack, Odessa distributes policy validation across many network nodes. Partial delegation enables the validation of component policies and of liveness at the edge nodes of the network, using redundancy to increase security. Redundant distributed servers aggregate data to validate more complex policies. Our practical implementation of Odessa resists Byzantine failure of monitoring using an architecture that significantly increases scalability and attack resistance.


Keywords: Virtual Machine, Resource Description Framework, Distributed Hash Table, Policy Compliance, Monitoring Agent
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



Copyright information

© IFIP International Federation for Information Processing 2011

Authors and Affiliations

  • Mirko Montanari (1)
  • Ellick Chan (1)
  • Kevin Larson (1)
  • Wucherl Yoo (1)
  • Roy H. Campbell (1)

  1. Department of Computer Science, University of Illinois at Urbana-Champaign, USA
