Rule-based security management system for data-intensive applications

Proceedings of the 29th Annual International Conference on Computer Science and Software Engineering (2019)

Abstract
Applications in today's software development landscape evolve at a rapid rate, constantly providing their users with new updates and features. This makes the entire application increasingly complex to understand, even within the scope of a small enterprise. The security team may not understand such a large application completely, and the developers may not understand or properly incorporate important security measures, thus creating a less secure system. As a result, the application can be exposed to security vulnerabilities that can result in serious data and reputation loss. In this work, we propose a platform for security control that uses a Business Rule Engine to provide a simpler way of defining security rules at an operational level, allowing collaboration between developers and security analysts. The proposed platform is external to the system and enables the development and security teams to write simple business rules without disrupting the system. We first evaluate our platform on a private testbed, where we show how it simplifies the task of detecting common Web application vulnerabilities. Next, we deploy the platform alongside a real data-intensive industrial application. We validate our platform on this industrial application to show how it can detect and mitigate unknown security vulnerabilities, how it can handle complex vulnerabilities, and how it can help the teams handle these issues at runtime.