Mission

With increasing malicious attacks frequently disrupting Internet services, many innovative security solutions and technologies have been developed. A typical enterprise network might have hundreds of security devices such as firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization/RBAC servers, and crypto systems. This involves thousands of security configuration variables and rules that must be set consistently and correctly across different devices and networks in order to accomplish the security goals.

Moreover, security configuration must change constantly to optimize protection and block prospective attacks. Tuning configuration to balance security, flexibility, and performance is another major challenge. This is extremely burdensome not only for regular users but also for experienced administrators, who have to be very lucky to get things working right all the time.

This configuration management complexity not only leads to a lack of manageability but also causes major network/service interruptions. “It is estimated that configuration errors enable 65% of cyber attacks and cause 62% of infrastructure downtime”, Network World, July 2006. This could be due to configuration conflicts, inconsistency, and bugs that lead to incorrect implementation of security configuration.

Our experience confirms that the success of any technology is dependent not only on its sophistication but also on its manageability and usability. This 2-day invitation-only NSF workshop is organized to contribute to advancing research in this important topic. The objective of this workshop is to bring together top researchers in this area in order to review the state of the art, discuss the major challenges, and construct a research road map that leads to successful integration of security and usability.

The workshop program will include presentations and panel/group discussions. This workshop will seek presentations on topics including, but not limited to: defining, translating, verifying, validating, distributing, abstracting, testing, debugging, visualizing, inspecting, optimizing, and protecting the privacy and integrity of security host and network configuration.


Topics

  1. Integrating network and host configuration

  2. Automated forensics and mitigation

  3. Measuring assurability and usability: Usable security often involves trade-offs between security or privacy and usability/utility

  4. Abstract models and languages for configuration specification

  5. Configuration refinement and enforcement

  6. Formal semantics of security policies and mapping these to configuration

  7. Configuration testing, debugging and evaluation

  8. Reasoning about uncertainty in configuration management

  9. Representation of belief, trust, and risk in security policies

  10. Configuration/misconfiguration visualization

  11. Configuration reasoning and conflict analysis

  12. Risk-adaptive configuration systems

  13. Context-aware security configuration in pervasive and mobile computing

  14. Configuration accountability

  15. Automated signature and patch management

  16. Automated alarm management

  17. Protecting the privacy and integrity of security configuration

  18. Optimizing security, flexibility and performance

  19. Design for flexibility and manageability - clean slate approach

  20. Configuration management vs. least-privilege


Questions for the Panel Discussion

  • What are the main challenges facing usable and assurable security (5-year plan)?
  • What are the best practices in managing security today, and how do these fall short of addressing these challenges? Any tools?
  • Are the notions of manageable security for end-users and IT professionals the same? Is the approach to addressing this different?
  • Does security management lack a new theoretical foundation for building rigorous solutions? If yes, then what?
  • How does security configuration management impact other security areas such as intrusion prevention, forensics, and patch management?
  • Can security misconfiguration be identified and fixed automatically, before and after the attack?
  • Can configuration assurability and usability be measured?
  • How can one automate the creation of the security architecture, including defense in depth?
  • How can host and network be integrated transparently?
  • How to balance security, flexibility, and performance?
  • How do these differences affect the (perception of) usability of the security mechanisms and tools?
  • How to assess self-configured, context-aware, dynamic configuration trends? Where is the boundary between the end-users/security professionals and the system control?
  • Is the security configuration system itself secure? What integrity and privacy attacks can be launched against it?
  • How to balance the least-privilege principle and configuration flexibility?