Multi-constraint Security Policies for Delegated Firewall Administration

نویسندگان

  • Cássio Ditzel Kropiwiec
  • Edgard Jamhour
  • Manoel Camillo Penna
  • Guy Pujolle
چکیده

This work presents a new policy based security framework that is able handle simultaneously and coherently mandatory, discretionary and security property policies. One important aspect of the proposed framework is that each dimension of the security policies can be managed independently, allowing people playing different roles in an organization to define security policies without violating a global security goal. The framework creates an abstract layer that permits to define security policies independently of how they will be enforced. For example, the mandatory and security property polices could be assigned to the risk management staff while the discretionary policies could be delegated among the several departments in the organization.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A Matrix Model for Designing and Implementing Multi-firewall Environments

Firewalls are core elements in network security, the effectiveness of firewall security is dependent on configuring the firewall policy correctly. A firewall policy describes the access that will be permitted or denied from the trusted network. In a corporate network several firewalls are setup and administrated by different individuals. The consistency between those firewall policies is crucia...

متن کامل

PolicyVis: Firewall Security Policy Visualization and Inspection

Firewalls have an important role in network security. However, managing firewall policies is an extremely complex task because the large number of interacting rules in single or distributed firewalls significantly increases the possibility of policy misconfiguration and network vulnerabilities. Moreover, due to low-level representation of firewall rules, the semantic of firewall policies become...

متن کامل

Dealing with Multi-policy Security in Large Open Distributed Systems

From the security point of view, one challenge for today's distributed architectures is to support interoperation between applications relying on di erent possibly inconsistent security policies. This paper proposes a practical solution for dealing with the coexistence of di erent security policies in distributed architectures. We introduce a model for specifying security policies in terms of s...

متن کامل

Dealing with Multi - Policy Security in LargeOpen Distributed

From the security point of view, one challenge for today's distributed architectures is to support interoperation between applications relying on diierent possibly inconsistent security policies. This paper proposes a practical solution for dealing with the coexistence of diierent security policies in distributed architectures. We introduce a model for specifying security policies in terms of s...

متن کامل

Automated Framework for Policy Optimization in Firewalls and Security Gateways

The challenge to address in multi-firewall and security gateway environment is to implement conflict-free policies, necessary to avoid security inconsistency, and to optimize, at the same time, performances in term of average filtering time, in order to make firewalls stronger against DoS and DDoS attacks. Additionally the approach should be real time, based on the characteristics of network tr...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • Int. Journal of Network Management

دوره 21  شماره 

صفحات  -

تاریخ انتشار 2008