Automating Information Security Policy Compliance Checking

Information Security Policies are used for expressing the high level objectives of Security of an enterprise. The different IT assets are configured to protect the enterprise from attackers. The configured assets generate log records as description of the events happening in the system. Published literature focuses on the behavioral aspects of the users in complying with the policies. This paper presents a novel idea of checking the compliance with Information Security Policies from the log records. The paper presents a formal description of compliance and goes on to describe the representation of the different entities like Policies, Rules, Events and Logs for the automatic Compliance checker.