This application is a continuation in part of U.S. patent application Ser. No. 11/118,308 filing date Apr. 28, 2005 now U.S. Pat. No. 8,099,760 which is a continuation of U.S. patent application Ser. No. 10/262,648 filing date Oct. 1, 2002, now U.S. Pat. No. 6,952,779, issued on Oct. 4, 2005. This application claims priority from U.S. provisional patent 60/869,833 filing date Dec. 13, 2006, all applications being incorporated by reference.
Computer networks enable communication between nodes in the network in order to support the operation of systems, applications and services. Computer networks are plagued with vulnerabilities. Vulnerabilities are weaknesses in computers and devices caused, for example, by bugs or misconfigurations. Possible access between nodes can be exploited by unauthorized entities. Attackers can attack computer networks by exploiting possible access and vulnerabilities, frequently causing damage such as denial of service and theft of corporate secrets. Attackers often exploit several vulnerabilities in a row, starting with one device, attacking several devices along the way, and ending at the final target device. Attackers may start attacks from the Internet, an intranet, or any other network.

Consequently, access control mechanisms are incorporated in computer networks in order to constrain the possible access to the access required for the proper operation of the network. Access control mechanisms include firewalls, routers with ACL (access list) rules, intrusion prevention systems (IPS) and more. The access control mechanisms can be viewed as the tools that enforce the network access policy. A network access policy specifies constraints on the permitted access in the network. An example of a policy access rule is that access from the Internet to the http services of specified hosts is permitted, while access to NetBIOS ports from the Internet is denied.

Various formal methods have been suggested for defining and representing network access policies, for example Y. Bartal, A. Mayer, K. Nissim, and A. Wool, "Firmato: a novel firewall management toolkit," IEEE Symposium on Security and Privacy, pages 17-31, 1999. A formal specification of the network access policy makes it possible to check, using automatic tools, the compliance of the network with the access policy. Various publications describe methods for performing this compliance check.
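The kind of automatic compliance check the preceding paragraph refers to, written here as an added illustration rather than code from the application or from Firmato: a small first-match access policy with an implicit default deny, evaluated against the access the network currently permits. The zones, rules, addresses and criticality weights are all constructed sample values, and the criticality ordering at the end is a simple weighting chosen for the example, not the risk method the application goes on to describe.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Set

# Named zones as address ranges; anything outside them is treated as "internet".
# Constructed sample values for this example.
ZONES = {
    "dmz": [ip_network("10.1.0.0/24")],
    "internal": [ip_network("10.2.0.0/16")],
}


def zone_of(addr: str) -> str:
    """Return the zone containing addr, or 'internet' if no zone matches."""
    ip = ip_address(addr)
    for name, nets in ZONES.items():
        if any(ip in net for net in nets):
            return name
    return "internet"


@dataclass
class PolicyRule:
    action: str                    # "permit" or "deny"
    src_zone: str
    dst_hosts: Optional[Set[str]]  # None = any destination host
    ports: Optional[Set[int]]      # None = any port
    note: str = ""

    def matches(self, src: str, dst: str, port: int) -> bool:
        return (zone_of(src) == self.src_zone
                and (self.dst_hosts is None or dst in self.dst_hosts)
                and (self.ports is None or port in self.ports))


@dataclass
class Violation:
    src: str
    dst: str
    port: int
    rule: Optional[PolicyRule]  # the deny rule hit, or None for the default deny


# Formal access policy, evaluated first-match with an implicit default deny.
# Mirrors the example rule in the text: HTTP(S) to a specified host from the
# Internet is permitted, NetBIOS/SMB from the Internet is denied.
POLICY = [
    PolicyRule("permit", "internet", {"10.1.0.10"}, {80, 443}, "public web server"),
    PolicyRule("deny", "internet", None, {137, 138, 139, 445}, "no NetBIOS/SMB from Internet"),
    PolicyRule("permit", "internal", None, None, "internal hosts may reach anything"),
]

# Access the network currently permits, e.g. distilled from firewall rule sets.
# Constructed sample values: (source, destination, destination port).
OBSERVED_ACCESS = [
    ("203.0.113.5", "10.1.0.10", 443),
    ("203.0.113.5", "10.1.0.10", 445),
    ("203.0.113.5", "10.2.0.20", 22),
    ("10.2.0.5", "10.1.0.10", 80),
]

# Assumed business criticality per destination host (1 = lowest, default).
# Used only to order the report, so the most important asset is reviewed first.
CRITICALITY = {"10.2.0.20": 10, "10.1.0.10": 5}


def first_match(policy: List[PolicyRule], src: str, dst: str, port: int) -> Optional[PolicyRule]:
    """First policy rule whose zone/host/port fields cover this access, if any."""
    for rule in policy:
        if rule.matches(src, dst, port):
            return rule
    return None


def find_violations(policy: List[PolicyRule], observed) -> List[Violation]:
    """Every observed access the policy does not permit, most critical asset first."""
    violations = []
    for src, dst, port in observed:
        rule = first_match(policy, src, dst, port)
        if rule is None or rule.action == "deny":
            violations.append(Violation(src, dst, port, rule))
    violations.sort(key=lambda v: CRITICALITY.get(v.dst, 1), reverse=True)
    return violations


if __name__ == "__main__":
    for v in find_violations(POLICY, OBSERVED_ACCESS):
        why = v.rule.note if v.rule else "no rule permits it (default deny)"
        print(f"VIOLATION {v.src} -> {v.dst}:{v.port}  ({why})")
```

With the sample data, the two Internet-sourced accesses to port 445 and to port 22 are reported as violations (one hits the explicit NetBIOS deny rule, the other falls through to the default deny), while the HTTPS access and the internal access are compliant. Keeping the matched rule on each violation is what lets a reviewer tell an explicit policy decision apart from a gap in the policy.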
In large networks, the access may relate to a huge number of access situations, and the number of violations of the access policy may be large. Furthermore, the rules of the access policy itself might allow access that enables attacks with high potential risk.
Consequently, there is a need to help security staff understand the security risk and the business impact of any given policy rule or policy rule violation, and to enable accurate prioritization of the handling of the rules and the violations. These abilities can have a dramatic effect on the efficiency, accuracy and timeliness of security assessments. Current methods do not enable the prioritization of violations or of risky access.
Thus, there is a need to provide methods of evaluating the risk level of policy violations and risky access, together with associated security metrics. These methods should be of use in handling violations of policy access rules and in enhancing the coverage of the policy, including, for example, finding the main risks by identifying possible attack scenarios by various threats, determining their business impacts, prioritizing the violation of a policy access rule or the access rule itself according to its contribution to the main risks or other factors, and reporting them.