Aggregating and Deploying Network Access Control Policies

Details Aggregating and Deploying Network Access Control Policies Aggregating and Deploying Network Access Control Policies

2008-03-05

arxiv.org/abs/0803.0653v1

Proc. 2007 International Symposium on Frontiers in Availability, Reliability and Security (FARES), Vienna (Austria), 10-13 Apr

Computer Science

Cryptography and Security

9 pages

Scientific paper

The existence of errors or inconsistencies in the configuration of security components, such as filtering routers and/or firewalls, may lead to weak access control policies -- potentially easy to be evaded by unauthorized parties. We present in this paper a proposal to create, manage, and deploy consistent policies in those components in an efficient way. To do so, we combine two main approaches. The first approach is the use of an aggregation mechanism that yields consistent configurations or signals inconsistencies. Through this mechanism we can fold existing policies of a given system and create a consistent and global set of access control rules -- easy to maintain and manage by using a single syntax. The second approach is the use of a refinement mechanism that guarantees the proper deployment of such a global set of rules into the system, yet free of inconsistencies.

Affiliated with

Also associated with

No associations

Rating

Aggregating and Deploying Network Access Control Policies does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with Aggregating and Deploying Network Access Control Policies, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Aggregating and Deploying Network Access Control Policies will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFWR-SCP-O-161211