Security Policy Enforcement and Compliance System (SPECS)

Award Information
Agency:
Department of Defense
Branch
Office of the Secretary of Defense
Amount:
$99,994.00
Award Year:
2006
Program:
SBIR
Phase:
Phase I
Contract:
FA8750-06-C-0153
Award Id:
78764
Agency Tracking Number:
O053-NC6-1030
Solicitation Year:
n/a
Solicitation Topic Code:
n/a
Solicitation Number:
n/a
Small Business Information
4515 Seton Center Parkway, Suite 320, Austin, TX, 78759
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
158034665
Principal Investigator:
ArthurKeen
Technical Team Lead
(512) 342-0010
AKEEN@21technologies.com
Business Contact:
DarrinTaylor
Vice President
(512) 342-0010
dtaylorz@21technologies.com
Research Institute:
n/a
Abstract
While the advantages of the Global Information Grid (GIG) cannot be overstated, the challenge of maintaining security policies effectively is a daunting task. This huge network incorporates a diverse array of components and is designed to be highly dynamic and mobile. Asserting control over the GIG is critical to operational success yet is often too cumbersome via traditional means. Although systems exist for managing security policy on enterprise-scale networks, they tend to assume relatively static network configurations in which updates are deployed largely manually. Along with being lengthy, labor-intensive operations, such reconfigurations can misinterpret or overlook governing security policies and controls, leaving portions of the network vulnerable to attack. We propose the Security Policy Enforcement and Compliance System (SPECS), a framework for managing security policy on super-sized, diverse and dynamic networks. SPECS automates policy management by encoding policies in an ontology to facilitate automated enforcement given operational requirements. By linking policies to the controls that enforce them, SPECS can rapidly deploy existing policies into new or changing operational environments, and it can update existing environments in response to changes in the policies themselves. This end-to-end modeling also enables SPECS to quickly assess compliance for assured levels of network security.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government