14th Annual Computer Security Applications Conference
December 7-11, 1998
Phoenix, Arizona


Concentric Supervision of Security Applications: A New Security Management Paradigm

Philip C. Hyland
Dr. Ravi Sandhu

This paper questions the status quo regarding Security Management (SM) tools that function in an isolated, monolithic fashion. People work best by interacting with others and with their systems to see the "big picture" to interpret individual events. Our view of SM called Concentric Supervision of Security Applications (CSSA) is a continuous cycle of information flow. CSSA processing of status information and control of security features does not replace existing notions. It serves to enhance the existing ad hoc and segmented "engineered" solutions so that SM systems support "the way people work". We divide management functions into three phases: administration, operations, and assessment. Different skills, authority, and data are needed to perform tasks in each phase, but some information must flow for efficient and effective functionality. We give suggestions on some linkages by describing typical SM scenarios and how they might function. Parallels are drawn with related issues in network management systems and relationships to current management approaches are discussed.