1. Field of the Invention
The present invention generally relates to computer resource security and, in particular, to a system and method for automatically monitoring a security profile of a computer system and for correcting the security profile in order to maintain a desired level of security.
2. Related Art
To protect a computer system against vulnerabilities (e.g., attacks from hackers), the computer system is often “locked down” via a security application. As known in the art, a security application locks down a computer system by controlling a machine state or configuration of the computer system such that the computer system (e.g., an operating system within the computer system) enforces a set of security rules that prevent unauthorized users from accessing and/or modifying certain applications, files, and/or other resources within the computer system. For example, a security application may set the configuration of the computer system such that the computer system enforces a rule that restricts which users may access a particular file. In this regard, the computer system may maintain a list, commonly referred to as an access control list, that identifies which users are authorized to access and/or use various computer resources. To cause the computer system to enforce the foregoing rule, the security application modifies the access control list such that it indicates which users may access the particular file. When a user attempts to access this file, the computer system first checks the access control list to determine whether or not the user is one of the specified users that may access the file. If the user is one of the specified users, then the computer system allows the access to occur. However, if the user is not one of the specified users, then the computer system prevents the access and displays a message to the user indicating that access to the requested file has been denied.
The security application normally includes data that defines a list of security rules that may be enforced by a computer system. The security application displays this list of security rules and allows a particular user or set of users, referred to herein as the “system administrator,” to select which of the rules that the system administrator would like enforced by the computer system. The security application, in turn, modifies the configuration or, in other words, the machine state of the computer system such that the computer system enforces the rules selected by the system administrator.
Note that the security application normally sets the security configuration (i.e., the portions of the machine state pertaining to system security) of the computer system, and the computer's operating system enforces the security rules based on the settings controlled by the security application. In other words, the security application causes the operating system to enforce the selected rules by manipulating the security configuration of the computer system. Thus, once the security application has set the security configuration of the computer system, the security application usually provides no further functionality in enforcing the selected rules. The security application, however, may change the computer system's settings in order to change which rules are enforced by the operating system in response to inputs for changing the security profile from the system administrator.
As described above, the system administrator selects which security rules should be enforced based on the level of security desired by the administrator, and the degree to which the computer system is locked down by the security application depends on the rules selected by the system administrator. Generally, the more rules that are enforced, the more secure the system becomes and, in other words, the more the system is locked down. Thus, if the system administrator desires to have a more secure computer system, the system administrator typically selects more rules for enforcement and/or selects particular rules that provide a particularly secure environment in an area of interest to the system administrator. However, in general, the compatibility of the computer system decreases as the security of the computer system increases. Therefore, if security is not a high priority to the system administrator, then he or she may select for enforcement fewer rules and/or rules that do not provide a high level of security, thereby reducing the degree to which the computer system is locked down.
Moreover, the degree to which the computer system is locked down by the security application depends on the competing interests of system security and system compatibility. Therefore, the rules selected for enforcement usually vary from computer system to computer system based on the desires of the system administrators in establishing the security profile of each of the computer systems. As used herein, a “security profile” refers to the collective set of rules that have been selected for locking down a computer system in order to prevent unauthorized users from accessing and/or modifying certain resources within the computer system. Security applications that set the security configuration of a computer system to induce the computer system to enforce the selected security rules or that, in other words, set the security profiles of computer systems are well known in the art and are often referred to as “lock down products” or “lock down applications.” Normally, a security application only allows the system administrator or a user designated by the system administrator to change the computer system's security profile.
Since the security profiles of computer systems typically vary from computer system to computer system, most security applications do not provide a standard set of security rules for implementation. In this regard, most security applications list for the system administrator each security rule that may be selected for enforcement. The system administrator then reviews the displayed list of rules and selects the rules that the administrator would like enforced by the computer system and, in other words, added to the security profile of the computer system. When a rule is selected for enforcement, the rule is referred to herein as “enabled,” and when a rule is not selected for enforcement, the rule is referred to herein as “disabled.”
After the system administrator has traversed through the list and has enabled or disabled each of the rules as desired, the system administrator enters an input to activate the security profile being defined by the system administrator. Upon activation, the security application modifies the security configuration of the computer system such that the rules enabled at the time of activation are now enforced by the computer system and such that the rules disabled at the time of activation are now not enforced by the computer system. In other words, the security application causes the computer system to implement the security profile defined by the system administrator.
As described above, after activation, the security application is not typically involved in the enforcement of the selected rules until the security application receives inputs for changing the security profile being implemented by the computer system. In this regard, the security profile is defined by the settings or, in other words, the machine state of the computer system, and the computer system utilizes theses settings in enforcing the selected rules of the security profile. However, it is possible, in some instances, for an unauthorized user to change the settings of the computer system such that the security profile implemented at the time of activation is changed. In other words, it is possible for an unauthorized user to change these settings of the computer system such that the computer system enforces a different set of security rules. As a result, the security of the computer system may be compromised, and/or the compatibility of the computer system may be reduced.
Thus, a heretofore unaddressed need exists in the industry for providing a system and method of protecting a security profile of a computer system from changes made by unauthorized users.