Location Aware Self-Adapting Firewall Policies
نویسنده
چکیده
Private access to corporate servers from Internet can be achieved using various security mechanisms. This article presents a network access control mechanism that employs a policy management architecture empowered with dynamic firewalls. With the existence of such an architecture, system and/or network administrators do not need to reconfigure firewalls when there is a location change in user settings, reconfiguration will be automatic and seamless. The proposed architecture utilizes dynamic firewalls, which adapt their policies according to user locations through the guidance of a policy server. This architecture is composed of a VPN client at user site, a domain firewall with VPN capabilities, a policy server containing a policy decision engine, and policy agents residing in dynamic firewalls, which map policy server decisions to firewall policy rules, at server site. Key-Words: Network Access Control, Firewalls, Firewall Policies, VPN, Location Awareness, XACML, Policy Agents.
منابع مشابه
on : Context awareness for Self - Managing Systems
The development of self-adapting Web applications based on composite architectures, such as Service Oriented Architectures (SOA), is challenged by the lack of support to the specification of explicit adaptation policies for the context-aware management of the business, interaction and presentation logics. In order to address this limitation, we propose a vertical architecture extending SOA with...
متن کاملYarncraft: Location Aware Narratives in Virtual Space
Location-aware narratives are a form of hypertext in which the path of the narrative is determined by the reader’s physical location. In this paper we adapt an existing model of location-aware sculptural hypertext to make it suitable for navigating in virtual space, and create an extension to an existing virtual world to demonstrate how hyper-narratives written in this framework may be consumed...
متن کاملMobile Security with Location-Aware Role-Based Access Control
This paper describes how location-aware Role-Based Access Control (RBAC) can be implemented on top of the Geographically eXtensible Access Control Markup Language (GeoXACML). It furthermore sketches how spatial separation of duty constraints (both static and dynamic) can be implemented using GeoXACML on top of the XACML RBAC profile. The solution uses physical addressing of geographical locatio...
متن کاملA Context-Aware Kernel IPC Firewall for Android
Our phones go wherever we go. Ever present, and with ever more data and connections, smartphones hold as much sensitive data as traditional systems but do not have the same protections. Android’s recent 6.0 (Marshmallow) release introduced much needed dynamic permission checks for applications. However, this does not go far enough in adapting to mobile phone’s unique security needs. Smartphones...
متن کاملThe futility of common firewall policies: an experimental demonstration
Many healthcare organizations utilize network "firewalls" to protect their networks from being accessed by unauthorized external entities. These same firewalls are also often configured to deny access to certain external services from within the internal network. The latter policy can be subverted through a "protocol tunneling" strategy, which has been implemented as a set of programs called "F...
متن کامل