As our society increasingly relies upon networked computers for people's day-to-day life, cyber security has become a major concern. A meaningful security management strategy has to balance the risk of opening an access against the benefit of having it. This is extremely difficult for a large system. All sizable organizations depend upon networked computers to provide essential services. One service may depend upon another, which may not be on the same computer. A seemingly legitimate configuration setting on one machine could cause unexpected security exposure on another. A seemingly moderate security control on one service could be too draconian for another service to operate smoothly. In determining a "good" configuration setting for an enterprise system, one has to consider all possible interactions among the system's components to ensure that accesses are opened in a way that balances usability and risk.

This research will develop a logic-based methodology to automate enterprise security management. The formal model-based approach ensures that security knowledge can be shared in a machine-readable format and consumed by automated tools that assist in reaching configuration settings which both satisfy legitimate business needs and adequately protect the information systems. A successful result from the research will enable the management workforce to leverage an open management knowledge base and to be freed from mundane management jobs by tools that automatically apply the generic knowledge to specific situations in an organization to reach a secure and usable configuration setting.

Agency: National Science Foundation (NSF)
Institute: Division of Computer and Network Systems (CNS)
Application #: 0716665
Program Officer: Carl Landwehr
Project Start:
Project End:
Budget Start: 2007-08-01
Budget End: 2010-07-31
Support Year:
Fiscal Year: 2007
Total Cost: $258,500
Indirect Cost:
Name: Kansas State University
Department:
Type:
DUNS #:
City: Manhattan
State: KS
Country: United States
Zip Code: 66506