Summary


In this chapter, you learned that HIPS products consist of management infrastructure and agent components. A HIPS agent acts like a security guard, deciding whether to allow or deny each request for access to a protected resource. The guard follows an access control process: it identifies the resource the requester is attempting to access, gathers data about the operation, determines the state of the system, consults the security policy, and finally takes action.

HIPS products tackle each phase of the access control process differently. This chapter examined the different approaches in detail. Real HIPS products were used as examples in some cases.

In the first phase of the access control process, the agent identifies the resource being accessed. Commonly identified resources include the following:

  • Network

  • Memory

  • Application execution

  • Files

  • System configuration

The next phase is the data gathering phase. HIPS products gather data using one or more of the following methods:

  • Kernel modification

  • System call interception

  • Virtual OSs

  • Network traffic analysis

HIPS products also determine the state of the system. States in common use include the following:

  • Location state

  • User state

  • System state

The data that was gathered about the resource access attempt and system state is compared to one or more of the following policy types:

  • Anomaly-based

  • Atomic rule-based

  • Pattern-based

  • Behavioral

  • Access control matrix

The access control process concludes when the HIPS takes action (allow, deny, or alert, for example) based on the result of comparing the access attempt to the policy.
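The five phases above can be tied together in a small model of an agent's decision path. The following is an added example, not code from the book or from any HIPS product: the process names, paths, thresholds, and the individual rules are hypothetical, chosen only to exercise each resource class, each state type, and each of the five policy types in one run.

```python
# Toy walk-through of a HIPS agent's access control process (constructed example;
# process names, paths, thresholds and policy rules are hypothetical).
import re
from collections import defaultdict, deque
from dataclasses import dataclass

@dataclass(frozen=True)
class Attempt:
    process: str    # image name of the requesting process
    resource: str   # "<class>:<detail>", e.g. "file:/etc/shadow" or "net:tcp:4444"
    operation: str  # read, write, execute, connect, inject, set

@dataclass(frozen=True)
class SystemState:
    location: str   # location state: "corporate" or "remote"
    user_role: str  # user state: "admin" or "standard"
    integrity: str  # system state: "normal" or "degraded"

# The five commonly identified resource classes, keyed by the resource prefix.
RESOURCE_CLASSES = {"net": "network", "mem": "memory", "exec": "application execution",
                    "file": "files", "config": "system configuration"}

def identify_resource(resource: str) -> str:
    """Phase 1: work out which class of resource the process is reaching for."""
    return RESOURCE_CLASSES.get(resource.split(":", 1)[0], "unknown")

class Agent:
    def __init__(self):
        # Access control matrix: (process, resource class) -> permitted operations.
        self.matrix = {
            ("editor", "files"): {"read", "write"},
            ("editor", "network"): {"connect"},
            ("updater", "files"): {"read", "write"},
            ("updater", "network"): {"connect"},
            ("updater", "system configuration"): {"set"},
        }
        # Pattern-based policy: regular expressions over the resource string.
        self.patterns = [
            (re.compile(r"^exec:/(tmp|dev/shm)/"), "executable launched from a temp directory"),
            (re.compile(r"^file:/etc/(shadow|sudoers)$"), "credential or privilege file"),
        ]
        self.history = defaultdict(lambda: deque(maxlen=20))  # phase 2: data gathered per process
        self.counts = defaultdict(int)                          # attempts seen per process
        self.baseline = {"editor": 4}                           # anomaly baseline (attempts per window)

    def evaluate(self, a: Attempt, state: SystemState):
        cls = identify_resource(a.resource)                             # phase 1
        self.history[a.process].append((cls, a.operation, a.resource))  # phase 2; denied attempts count too
        self.counts[a.process] += 1
        # Atomic rules: one condition each, independent of history.
        if cls == "memory" and a.operation == "inject":
            return "deny", "atomic: cross-process memory injection"
        if cls == "system configuration" and state.user_role != "admin":
            return "deny", "atomic: configuration change under a non-admin user state"
        # Phase 3: decisions that depend on system state.
        if state.integrity == "degraded" and a.operation in {"write", "set"}:
            return "deny", "state: system integrity degraded, persistent changes blocked"
        if state.location == "remote" and cls == "network" and not a.resource.endswith(":443"):
            return "deny", "state: remote location, only TCP/443 permitted"
        # Pattern-based policy.
        for rx, why in self.patterns:
            if rx.search(a.resource):
                return "deny", f"pattern: {why}"
        # Access control matrix: anything not explicitly permitted is denied.
        if a.operation not in self.matrix.get((a.process, cls), set()):
            return "deny", f"matrix: {a.process} may not {a.operation} {cls}"
        # Behavioral policy: an SSH key read followed by an outbound connection.
        key_read = any(c == "files" and op == "read" and "/.ssh/" in r
                       for c, op, r in self.history[a.process])
        if cls == "network" and key_read:
            return "deny", "behavioral: SSH key read followed by a network connect"
        # Anomaly-based policy: above the learned rate, alert but let the operation through.
        if self.counts[a.process] > self.baseline.get(a.process, float("inf")):
            return "alert", "anomaly: attempt count above baseline"
        return "allow", "no policy matched"

def run_scenario():
    """Constructed sequence of access attempts; returns (action, reason) for each in order."""
    agent = Agent()
    corporate = SystemState("corporate", "standard", "normal")
    remote = SystemState("remote", "admin", "normal")
    events = [
        (Attempt("editor", "file:/home/alice/report.txt", "read"), corporate),
        (Attempt("editor", "file:/home/alice/.ssh/id_rsa", "read"), corporate),
        (Attempt("editor", "net:tcp:4444", "connect"), corporate),
        (Attempt("updater", "config:/etc/updater.conf", "set"), corporate),
        (Attempt("editor", "exec:/tmp/payload", "execute"), corporate),
        (Attempt("editor", "file:/etc/shadow", "read"), corporate),
        (Attempt("editor", "file:/home/alice/notes.txt", "write"), corporate),
        (Attempt("sshd", "mem:pid:4321", "inject"), corporate),
        (Attempt("updater", "net:tcp:8080", "connect"), remote),
        (Attempt("updater", "net:tcp:443", "connect"), remote),
    ]
    return [agent.evaluate(a, s) for a, s in events]

if __name__ == "__main__":
    for action, reason in run_scenario():
        print(f"{action:5} {reason}")
```

The ordering of the checks is a design choice, not something the chapter prescribes: cheap, history-independent atomic and state rules run first so they cannot be bypassed by anything learned later, the matrix acts as the default-deny backstop, and the behavioral and anomaly checks run last because they need the gathered history. Note that the behavioral rule fires on the third event even though the key read itself was permitted by the matrix; that is the point of gathering data about every attempt, including ones that are allowed.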

This chapter also addressed the management center and interface components of the management infrastructure. The management center portion was divided into database, event and alert handling, and policy management components. The properties and approaches to each component were discussed. Lastly, the various types of management interface client and management interface security considerations were addressed.




Intrusion Prevention Fundamentals
ISBN: 1587052393
Pages: 115