Generic, Risk-Adaptive Security Policy (GRASP)

Period of Performance: 04/28/2006 - 04/28/2007

$100K

Phase 1 SBIR

Recipient Firm

ISX Corporation
760 Paseo Camarillo, Ste. 401
Camarillo, CA 93010
Principal Investigator

Abstract

Generic, Risk-Adaptive Security Policy (GRASP) will provide operators with a policy-based mechanism for managing security within a dynamic networking environment. GRASP will provide the means to specify, deconflict, and maintain policy, to apply, monitor, and enforce policy and to analyze and simulate the effects of policy. GRASP will achieve this by developing: A Semantically-rich policy representation An intuitive graphical user interface Logically-rigorous tools for policy analysis, disclosure, and deconfliction Empirical tools for policy analysis, disclosure, and deconfliction Rigorous enforcement of policy over heterogeneous operational environments Context-sensitive policy adaptation Policy provenance and versioning tools