Authorizing and directing configuration updates in contemporary it infrastructures.

ABSTRACTAll security and non-security equipment in a IT infrastructure has to be consistent with the configuration of the entire IT infrastructure. System management tools are used to manage contemporary IT infrastructures in an efficient and secure manner, and ensure its configuration is consistent and correct. System configuration tools achieve this by using a central configuration model from which all configuration is derived. The central configuration model determines the configuration of the infrastructure and needs to be protected against unauthorised access and changes. In large IT infrastructures there are multiple administrators. Each manages an aspect of the infrastructure and thus requires access to the central model. We propose an approach that enforces access control on the changes that are made to the configuration model. Our approach also includes a method to enforce complex authorisation workflows on configuration model updates in federated infrastructures. We developed a prototype that transforms low level textual updates, to updates to the model. This transformation enables access control at the same abstraction level as the configuration model. The first results of this work have been evaluated and published. In this position paper we argue for further research on securing configuration models and applying access control on updates to the configuration model.