ICSC: Intent-Based Closed-Loop Security Control System for Cloud-Based Security Services

This article proposes an intent-based closed-loop security control (ICSC) system for intelligent and effective security service management. Recent advancements in computer network technologies have led to the emergence of intent-based networking (IBN), significantly improving network security management. This article presents novel contributions to IBN, emphasizing intent fulfillment and intent assurance within network security. The proposed approach in this article utilizes a standardized framework called interface to network security functions (I2NSF) with standardized communication protocols and data models, allowing the deployment of security policies across multi-vendor environments. Furthermore, the existing security policy translator for an intent is extended to support dynamic translation, enabling the immediate integration of new security solutions into the network. An analytics component with machine learning is also introduced for continuous network monitoring, proactively identifying anomalies, and triggering automated threat mitigation. Additionally, the ICSC system's performance is assessed in various scenarios and configurations, providing a thorough understanding of its strengths and limitations. Thus, it is shown that the ICSC system can establish robust and adaptive network security management.