
Automated Security Management PDF

185 Pages·2013·3.817 MB·English

Preview Automated Security Management

Ehab Al-Shaer · Xinming Ou · Geoffrey Xie
Editors

Automated Security Management

Editors

Ehab Al-Shaer
Department of Software and Information Systems
University of North Carolina Charlotte
Charlotte, NC, USA

Xinming Ou
Computing and Information Sciences
Kansas State University
Manhattan, KS, USA

Geoffrey Xie
Department of Computer Science
Naval Postgraduate School
Monterey, CA, USA

References to various copyrighted trademarks, servicemarks, marks and registered marks owned by the respective corporations and/or connected subsidiaries may appear in this book. We use the names, logos, and images only in an editorial fashion with no intention of infringement of the trademark.

ISBN 978-3-319-01432-6
ISBN 978-3-319-01433-3 (eBook)
DOI 10.1007/978-3-319-01433-3
Springer Cham Heidelberg New York Dordrecht London
Library of Congress Control Number: 2013947169
© Springer International Publishing Switzerland 2013

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Exempted from this legal reservation are brief excerpts in connection with reviews or scholarly analysis or material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the work. Duplication of this publication or parts thereof is permitted only under the provisions of the Copyright Law of the Publisher’s location, in its current version, and permission for use must always be obtained from Springer. Permissions for use may be obtained through RightsLink at the Copyright Clearance Center. Violations are liable to prosecution under the respective Copyright Law.

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein.

Printed on acid-free paper

Springer is part of Springer Science+Business Media (www.springer.com)

Preface

With the increasing trend of cyber attacks, more security technologies and devices have been developed. A typical enterprise network might have hundreds of security devices such as firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization/RBAC servers, and crypto systems. However, each security device might contain thousands of security configuration variables and rules that must be set correctly and consistently across the entire network in order to enforce end-to-end security properties. Moreover, security configuration must be constantly changing to optimize protection and block prospective attacks. Tuning configuration to balance security, flexibility, and performance is another major challenging task. This is extremely burdensome not only for regular users but also for experienced administrators, who have to be very lucky to get things working right all the time. The resulting security configuration complexity places a heavy burden on both regular users and experienced administrators and dramatically reduces overall network assurability and usability.

Automated Security Management presents a number of topics in the area of configuration automation. This book is based on papers published at the fifth Symposium on Configuration Analytics and Automation (SafeConfig 2012). It is a source of information for IT security configuration automation for both researchers and practitioners. Part I introduces modeling and validation of configurations based on high-level requirements. Part II discusses how to manage the security risk as a result of configuration settings of network systems. Part III introduces the concept of configuration analysis and why it is important in ensuring the security and functionality of a properly configured system. Part IV presents ways to identify problems when things go wrong. We would like to thank all the chapter authors for contributing such a diverse collection of timely and interesting research results.

Charlotte, NC, USA    Ehab Al-Shaer
Manhattan, KS, USA    Xinming Ou
Monterey, CA, USA    Geoffrey Xie

Contents

Part I  Configuration Modeling and Checking

1  Towards a Unified Modeling and Verification of Network and System Security Configurations
   Mohammed Noraden Alsaleh, Ehab Al-Shaer, and Adel El-Atawy
2  Modeling and Checking the Security of DIFC System Configurations
   Mingyi Zhao and Peng Liu

Part II  Vulnerability and Risk Assessment

3  Increasing Android Security Using a Lightweight OVAL-Based Vulnerability Assessment Framework
   Martín Barrère, Gaëtan Hurel, Rémi Badonnel, and Olivier Festor
4  A Declarative Logic-Based Approach for Threat Analysis of Advanced Metering Infrastructure
   Mohammad Ashiqur Rahman and Ehab Al-Shaer
5  Risk Based Access Control Using Classification
   Nazia Badar, Jaideep Vaidya, Vijayalakshmi Atluri, and Basit Shafiq

Part III  Configuration Analytics

6  GCNav: Generic Configuration Navigation System
   Shankaranarayanan Puzhavakath Narayanan, Seungjoon Lee, and Subhabrata Sen
7  The Right Files at the Right Time
   Hayawardh Vijayakumar and Trent Jaeger
8  Rule Configuration Checking in Secure Cooperative Data Access
   Meixing Le, Krishna Kant, and Sushil Jajodia

Part IV  Diagnostics and Discovery

9  Programmable Diagnostic Network Measurement with Localization and Traffic Observation
   Michael R. Clement and Dennis Volpano
10  Discovery of Unexpected Services and Communication Paths in Networked Systems
   Ichita Higurashi, Akira Kanaoka, Masahiko Kato, and Eiji Okamoto
11  Tracing Advanced Persistent Threats in Networked Systems
   Masahiko Kato, Takumi Matsunami, Akira Kanaoka, Hiroshi Koide, and Eiji Okamoto

Part I
Configuration Modeling and Checking
