Vulnerability Management for Safe Configurations in Autonomic Networks and Systems

Martin Barrere 1
1 MADYNES - Management of dynamic networks and services
LORIA - NSS - Department of Networks, Systems and Services, Inria Nancy - Grand Est
Abstract : Over the last years, the massive deployment of computing devices over disparate interconnected infrastructures has dramatically increased the complexity of network management. Autonomic computing has emerged as a novel paradigm to cope with this challenging reality. By specifying high-level objectives, autonomic computing aims at delegating management activities to the networks themselves. However, when changes are performed by administrators and self-governed entities, vulnerable configurations may be unknowingly introduced. Nowadays, vulnerabilities constitute the main entry point for security attacks. Therefore, vulnerability management mechanisms are vital to ensure safe configurations, and with them, the survivability of any autonomic environment. This thesis targets the design and development of novel autonomous mechanisms for dealing with vulnerabilities, in order to increase the security of autonomic networks and systems. We first present a comprehensive state of the art in autonomic computing and vulnerability management. Afterwards, we present our contributions which include autonomic assessment strategies for device-based vulnerabilities and extensions in several dimensions, namely, distributed vulnerabilities (spatial), past hidden vulnerable states (temporal), and mobile security assessment (technological). In addition, we present vulnerability remediation approaches able to autonomously bring networks and systems into secure states. The scientific approaches presented in this thesis have been largely validated by an extensive set of experiments which are also discussed in this manuscript.
Complete list of metadatas

Cited literature [100 references]  Display  Hide  Download

https://hal.inria.fr/tel-01750754
Contributor : Rémi Badonnel <>
Submitted on : Monday, December 15, 2014 - 11:47:57 AM
Last modification on : Tuesday, February 5, 2019 - 2:46:01 PM
Long-term archiving on : Monday, March 16, 2015 - 11:11:05 AM

Identifiers

  • HAL Id : tel-01750754, version 2

Citation

Martin Barrere. Vulnerability Management for Safe Configurations in Autonomic Networks and Systems. Networking and Internet Architecture [cs.NI]. Université de Lorraine, 2014. English. ⟨NNT : 2014LORR0048⟩. ⟨tel-01750754v2⟩

Share

Metrics

Record views

467

Files downloads

1204