Multi-constraint Security Policies for Delegated Firewall Administration
نویسندگان
چکیده
This work presents a new policy based security framework that is able handle simultaneously and coherently mandatory, discretionary and security property policies. One important aspect of the proposed framework is that each dimension of the security policies can be managed independently, allowing people playing different roles in an organization to define security policies without violating a global security goal. The framework creates an abstract layer that permits to define security policies independently of how they will be enforced. For example, the mandatory and security property polices could be assigned to the risk management staff while the discretionary policies could be delegated among the several departments in the organization.
منابع مشابه
A Matrix Model for Designing and Implementing Multi-firewall Environments
Firewalls are core elements in network security, the effectiveness of firewall security is dependent on configuring the firewall policy correctly. A firewall policy describes the access that will be permitted or denied from the trusted network. In a corporate network several firewalls are setup and administrated by different individuals. The consistency between those firewall policies is crucia...
متن کاملPolicyVis: Firewall Security Policy Visualization and Inspection
Firewalls have an important role in network security. However, managing firewall policies is an extremely complex task because the large number of interacting rules in single or distributed firewalls significantly increases the possibility of policy misconfiguration and network vulnerabilities. Moreover, due to low-level representation of firewall rules, the semantic of firewall policies become...
متن کاملDealing with Multi-policy Security in Large Open Distributed Systems
From the security point of view, one challenge for today's distributed architectures is to support interoperation between applications relying on di erent possibly inconsistent security policies. This paper proposes a practical solution for dealing with the coexistence of di erent security policies in distributed architectures. We introduce a model for specifying security policies in terms of s...
متن کاملDealing with Multi - Policy Security in LargeOpen Distributed
From the security point of view, one challenge for today's distributed architectures is to support interoperation between applications relying on diierent possibly inconsistent security policies. This paper proposes a practical solution for dealing with the coexistence of diierent security policies in distributed architectures. We introduce a model for specifying security policies in terms of s...
متن کاملAutomated Framework for Policy Optimization in Firewalls and Security Gateways
The challenge to address in multi-firewall and security gateway environment is to implement conflict-free policies, necessary to avoid security inconsistency, and to optimize, at the same time, performances in term of average filtering time, in order to make firewalls stronger against DoS and DDoS attacks. Additionally the approach should be real time, based on the characteristics of network tr...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Int. Journal of Network Management
دوره 21 شماره
صفحات -
تاریخ انتشار 2008