Active Security A Proactive Approach for Computer Security Systems

Dr. Gerhard Eschelbeck
Network Associates, Inc.
Santa Clara, California, USA


Institut für Informationsverarbeitung und Mikroprozessortechnik (FIM)
Johannes Kepler Universität Linz


Computer systems and especially networking environments are growing and changing very rapidly. Such growth introduces major security risks, as current computer and networking security components are not able to dynamically adopt themselves for the changing needs. Especially the growth of the internet and electronic commerce made it necessary to have centralized security policies in place which are enforced by a distributed environment. "Active Security" is the result of a research and development project, introducing a new approach for implementing security systems, being able to automatically respond to new security threats. The focus of this work is encompassing a security infrastructure where multiple components including intrusion detection systems, vulnerability assessment scanners, firewalls and other security devices are able to communicate and respond to changing security threats. Design and implementation of Active Security is based on a public key infrastructure using digital certificates for providing authenticated communication.