1. Field of the Invention
The present invention relates to information security and, more particularly, to automated methods and systems for securing a target system.
2. Description of the Related Art
In dynamic computing environments, devices, applications, and networks of devices and applications may be provisioned at any point in their lifecycle. These networks, devices, and applications may be installed, updated, reconfigured, or decommissioned, and this is likely to happen many times throughout their lifecycle. Furthermore, in such dynamic computing environments, applications may be moved between running systems in an effort to recover from the loss of systems, to adjust to changing resource requirements, or to support some other transition process.
The security needs of devices and applications in a dynamic computing environment are difficult to meet because the computing environment changes constantly. For example, traditionally, servers are often dedicated, meaning that they typically perform no other tasks than are required to support a business or technical requirement. As a result, most security configurations or security postures of servers are built and deployed specifically for the servers' particular needs. However, in a dynamic computing environment, services/applications are often added to or removed from existing server configurations to meet the changing needs of the dynamic computing environment. For instance, a Web server and a File Transfer Protocol (FTP) server may both concurrently coexist on one target system.
The problem with running the Web server on a system purposed as an FTP server is that the FTP server cannot accommodate the Web server's security needs because the FTP server's security posture was built and deployed specifically for the needs of the FTP server. One method to accommodate the Web server's security needs is for a user to manually rebuild and redeploy a new security posture according to the combined needs of the two services. However, such manual rebuilds are complicated, time-consuming, and labor-intensive. For example, a typical system running Solaris, an operating environment developed by Sun Microsystems, can require 100 changes to move from a default security posture to a security posture focused on providing a small set of services to different classes of users via different network interfaces in a reasonably secure manner. Even if manual rebuilds for one system are manageable, making many changes over the life of a network of systems is very difficult (imagine 100, 1000, or even 10,000 systems). Further, tasks assigned to the server may change frequently, and it is nearly impossible for the user to constantly rebuild and redeploy security profiles.
In view of the foregoing, there is a need to develop methods and systems for securing a system in adaptive, dynamic, and consolidated computing environments.