Kinetic Example



Composing Policies together


Example: First check whether a host is authenticated by the Web login mechanism. Then apply a network policy that allows traffic by default but blocks the traffic if an infection event occurs.
Composition: auth_web >> ids


Example: First check whether a host is authenticated, either through a Web login or via 802.1X mechanism. Subsequently, apply a network policy that allows traffic by default but blocks the traffic if an infection event occurs. Finally, apply a rate-limiting policy:
Composition: (auth_web + auth_8021x) >> ids >> rate_limiter


Verifying The Control Logic


CTL Example: AG (infected → AX policy=drop)
In English: If the host is infected, drop that host's traffic.

CTL Example: AG EF (policy=identity)
In English: Whatever the current state is, it is always possible to go back to the state where the host's traffic is allowed.

CTL Example: AG ( (authenticated_web | authenticated_1x) & !infected → AX policy!=drop )
In English: If a host is authenticated either by Web or 802.1X, and is not infected, its packets should never be dropped.
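
The three properties above can be checked by hand on a small explicit-state model of (auth_web + auth_8021x) >> ids. The following is an added example, not code from the Kinetic project. It assumes a simplified transition model in which the event bits change freely at each step and the policy value takes effect one step later; the `sticky_infection` flag is a constructed bug used to show a property failing.

```python
from itertools import product

# Assumed model (not Kinetic's own): a state is (auth_web, auth_1x, infected, policy).
# Event bits may change arbitrarily each step; policy is recomputed from the
# event bits of the *current* state, so it takes effect in the next state.

def composed_policy(web, dot1x, infected):
    """(auth_web + auth_8021x) >> ids, reduced to 'identity' or 'drop'."""
    return "identity" if (web or dot1x) and not infected else "drop"

def build(sticky_infection=False):
    """Return (states, successors). sticky_infection is a constructed bug:
    once the infected bit is set it can never be cleared."""
    bits = list(product([False, True], repeat=3))
    states = [b + (p,) for b in bits for p in ("identity", "drop")]
    succ = {}
    for s in states:
        nxt_policy = composed_policy(*s[:3])
        succ[s] = [b + (nxt_policy,) for b in bits
                   if not (sticky_infection and s[2] and not b[2])]
    return states, succ

def AX(succ, good):
    """States whose every successor lies in `good`."""
    return {s for s in succ if all(t in good for t in succ[s])}

def EF(succ, target):
    """Least fixpoint: states from which some path reaches `target`."""
    reach = set(target)
    while True:
        new = {s for s in succ if any(t in reach for t in succ[s])} - reach
        if not new:
            return reach
        reach |= new

def check(sticky_infection=False):
    """Evaluate the three CTL properties; AG is taken over every state,
    which is at least as strict as checking reachable states only."""
    states, succ = build(sticky_infection)
    drop = {s for s in states if s[3] == "drop"}
    ident = set(states) - drop
    ax_drop, ax_ident = AX(succ, drop), AX(succ, ident)
    return {
        "infected_dropped": all(s in ax_drop for s in states if s[2]),
        "always_recoverable": EF(succ, ident) == set(states),
        "clean_auth_allowed": all(s in ax_ident for s in states
                                  if (s[0] or s[1]) and not s[2]),
    }
```

With the sticky-infection bug enabled, the first and third properties still hold, but AG EF (policy=identity) fails: a host that was once infected can never get its traffic allowed again.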


© Georgia Tech, 2014