Cooperating Security Management for Mutually Trusted Secure Networks

A network system could be better protected by physically dividing it into administrative management groups according to different access rights. However, to effectively manage a network system, security information sharing is necessary. Since a system could suffer from the same security threats as another system, how to share the security information to prevent a system from the same security flaw is urgently requested. In this paper, we first propose a concept of management domain by differentiating the access rights of network hosts. We then present a global secure management platform by constructing a three-layered security architecture: agent layer, server layer, and manager layer. Through the security information collected by intrusion detection agents, vulnerability assessment agents, and service guard agents, and exchanged among domain servers, mutually trusted network domains can be cooperated to provide a better and effective management system. Keyword: firewall, intrusion detection, vulnerability assessment, security information exchange.