ISCP: design and implementation of an inter-domain security management agent (SMA) coordination protocol
نویسندگان
چکیده
This research is supported by the U.S. Department of Defense Advanced Research Projects Agency under contract DABT63-97-C-0045. Abstract Many security mechanisms and protocols have been developed to handle security problems in various circumstances. This trend has created a heterogeneous security environment for today's global Internet. Although most of security functions and modules can be managed “individually” through SNMP, very little has been researched in coordinating a set of distributed security modules to provide and manage an "End-to-End" security service. In order to support service management for network security, in this paper, we developed the ISCP protocol (Inter-Domain Security Management Agent Coordination Protocol) to communicate security capability and policy information among the security management agents in each policy domain. ISCP is designed with good scalability, interoperability, extensibility and security. Performance evaluation using our ISCP prototype implementation are also presented.
منابع مشابه
DecIdUouS: Decentralized Source Identification for Network-Based Intrusions
DECIDUOUS is a security management framework for identifying the sources of network-based intrusions. The rst key concept in DECIDUOUS is dynamic security associations, which e ciently and collectively provide location information for attack sources. DECIDUOUS is built on top of IETF's IPSEC/ISAKMP infrastructure, and it does not introduce any new network protocol for source identi cation in a ...
متن کاملModel Analysis of Effective Factors on the Implementation of Crisis Management Policies
INTRODUCTION: Crisis management maintains security, stability, and flexibility in society by integrating different social resources with appropriate decisions and strengthening the ability of the community to recover from the negative impacts. Therefore, the present study aimed to conduct a model analysis of effective factors in implementing crisis management policies. METHODS: The present stu...
متن کاملBANDS: An Inter-domain Internet Security Policy Management System for IPSec/VPN
IPSecNPN is widely deployed for users to remotely access their corporate data. IPSec policies must be correctly set up for VPN to provide anticipated protection. Manual policy setup is unscalable, inefficient and error-prone. Automated policy generation to comply with and enforce high-level security policies is desired but difficult, especially in an inter-domain environment when a VPN traverse...
متن کاملApplying Intelligent Agent Technology to Develop Coordinative Workflow Platform for Inter-organizational Applications
In this paper, we apply agent technology to develop autonomous WfMS with a separately coordinative interface to fulfill the consideration of security for inter-organizational applications. The proposed agent-based coordinative WfMS (ACWS) are implemented on a JADE platform containing three normal containers. The client container works as an agent pool to support client’s operations about submit...
متن کاملSecuring SIP in VoIP Domain
Voice service is vulnerable to a number of attacks that can compromise the confidentiality, integrity and authenticity of voice communication. As a result, this paper proposes a security protocol that protects these security aspects of voice service. The proposed security protocol identifies the security roles of the different components within VoIP domain applying SIP as the signalling protoco...
متن کامل