Loading…

Reliable Process for Security Policy Deployment

We focus in this paper on the problem of configuring and managing network security devices, such as Firewalls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally specify the security requirements of a given system by using...

Full description

Saved in:
Bibliographic Details
Published in:arXiv.org 2009-05
Main Authors: Preda, Stere, Cuppens-Boulahia, Nora, Cuppens, Frederic, Garcia-Alfaro, Joaquin, Toutain, Laurent
Format: Article
Language:English
Subjects:
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page
container_issue
container_start_page
container_title arXiv.org
container_volume
creator Preda, Stere
Cuppens-Boulahia, Nora
Cuppens, Frederic
Garcia-Alfaro, Joaquin
Toutain, Laurent
description We focus in this paper on the problem of configuring and managing network security devices, such as Firewalls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally specify the security requirements of a given system by using an expressive access control model. As a result, we obtain an abstract security policy, which is free of ambiguities, redundancies or unnecessary details. Second, we deploy such an abstract policy through a set of automatic compilations into the security devices of the system. This proposed deployment process not only simplifies the security administrator's job, but also guarantees a resulting configuration free of anomalies and/or inconsistencies.
format article
fullrecord <record><control><sourceid>proquest</sourceid><recordid>TN_cdi_proquest_journals_2087652947</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2087652947</sourcerecordid><originalsourceid>FETCH-proquest_journals_20876529473</originalsourceid><addsrcrecordid>eNpjYuA0MjY21LUwMTLiYOAtLs4yMDAwMjM3MjU15mTQD0rNyUxMyklVCCjKT04tLlZIyy9SCE5NLi3KLKlUCMjPyUyuVHBJLcjJr8xNzSvhYWBNS8wpTuWF0twMym6uIc4eugVF-YWlqcUl8Vn5pUV5QKl4IwMLczNTI0sTc2PiVAEAONYy5w</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2087652947</pqid></control><display><type>article</type><title>Reliable Process for Security Policy Deployment</title><source>Publicly Available Content Database (Proquest) (PQ_SDU_P3)</source><creator>Preda, Stere ; Cuppens-Boulahia, Nora ; Cuppens, Frederic ; Garcia-Alfaro, Joaquin ; Toutain, Laurent</creator><creatorcontrib>Preda, Stere ; Cuppens-Boulahia, Nora ; Cuppens, Frederic ; Garcia-Alfaro, Joaquin ; Toutain, Laurent</creatorcontrib><description>We focus in this paper on the problem of configuring and managing network security devices, such as Firewalls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally specify the security requirements of a given system by using an expressive access control model. As a result, we obtain an abstract security policy, which is free of ambiguities, redundancies or unnecessary details. Second, we deploy such an abstract policy through a set of automatic compilations into the security devices of the system. This proposed deployment process not only simplifies the security administrator's job, but also guarantees a resulting configuration free of anomalies and/or inconsistencies.</description><identifier>EISSN: 2331-8422</identifier><language>eng</language><publisher>Ithaca: Cornell University Library, arXiv.org</publisher><subject>Access control ; Anomalies ; Cybersecurity ; Electronic devices ; Firewalls ; Intrusion detection systems ; IP (Internet Protocol) ; Network security ; Security management ; Virtual private networks</subject><ispartof>arXiv.org, 2009-05</ispartof><rights>2009. This work is published under http://arxiv.org/licenses/nonexclusive-distrib/1.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://www.proquest.com/docview/2087652947?pq-origsite=primo$$EHTML$$P50$$Gproquest$$Hfree_for_read</linktohtml><link.rule.ids>780,784,25753,37012,44590</link.rule.ids></links><search><creatorcontrib>Preda, Stere</creatorcontrib><creatorcontrib>Cuppens-Boulahia, Nora</creatorcontrib><creatorcontrib>Cuppens, Frederic</creatorcontrib><creatorcontrib>Garcia-Alfaro, Joaquin</creatorcontrib><creatorcontrib>Toutain, Laurent</creatorcontrib><title>Reliable Process for Security Policy Deployment</title><title>arXiv.org</title><description>We focus in this paper on the problem of configuring and managing network security devices, such as Firewalls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally specify the security requirements of a given system by using an expressive access control model. As a result, we obtain an abstract security policy, which is free of ambiguities, redundancies or unnecessary details. Second, we deploy such an abstract policy through a set of automatic compilations into the security devices of the system. This proposed deployment process not only simplifies the security administrator's job, but also guarantees a resulting configuration free of anomalies and/or inconsistencies.</description><subject>Access control</subject><subject>Anomalies</subject><subject>Cybersecurity</subject><subject>Electronic devices</subject><subject>Firewalls</subject><subject>Intrusion detection systems</subject><subject>IP (Internet Protocol)</subject><subject>Network security</subject><subject>Security management</subject><subject>Virtual private networks</subject><issn>2331-8422</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2009</creationdate><recordtype>article</recordtype><sourceid>PIMPY</sourceid><recordid>eNpjYuA0MjY21LUwMTLiYOAtLs4yMDAwMjM3MjU15mTQD0rNyUxMyklVCCjKT04tLlZIyy9SCE5NLi3KLKlUCMjPyUyuVHBJLcjJr8xNzSvhYWBNS8wpTuWF0twMym6uIc4eugVF-YWlqcUl8Vn5pUV5QKl4IwMLczNTI0sTc2PiVAEAONYy5w</recordid><startdate>20090509</startdate><enddate>20090509</enddate><creator>Preda, Stere</creator><creator>Cuppens-Boulahia, Nora</creator><creator>Cuppens, Frederic</creator><creator>Garcia-Alfaro, Joaquin</creator><creator>Toutain, Laurent</creator><general>Cornell University Library, arXiv.org</general><scope>8FE</scope><scope>8FG</scope><scope>ABJCF</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>HCIFZ</scope><scope>L6V</scope><scope>M7S</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>PTHSS</scope></search><sort><creationdate>20090509</creationdate><title>Reliable Process for Security Policy Deployment</title><author>Preda, Stere ; Cuppens-Boulahia, Nora ; Cuppens, Frederic ; Garcia-Alfaro, Joaquin ; Toutain, Laurent</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-proquest_journals_20876529473</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2009</creationdate><topic>Access control</topic><topic>Anomalies</topic><topic>Cybersecurity</topic><topic>Electronic devices</topic><topic>Firewalls</topic><topic>Intrusion detection systems</topic><topic>IP (Internet Protocol)</topic><topic>Network security</topic><topic>Security management</topic><topic>Virtual private networks</topic><toplevel>online_resources</toplevel><creatorcontrib>Preda, Stere</creatorcontrib><creatorcontrib>Cuppens-Boulahia, Nora</creatorcontrib><creatorcontrib>Cuppens, Frederic</creatorcontrib><creatorcontrib>Garcia-Alfaro, Joaquin</creatorcontrib><creatorcontrib>Toutain, Laurent</creatorcontrib><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>Materials Science &amp; Engineering Collection</collection><collection>ProQuest Central (Alumni)</collection><collection>ProQuest Central</collection><collection>ProQuest Central Essentials</collection><collection>AUTh Library subscriptions: ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>SciTech Premium Collection (Proquest) (PQ_SDU_P3)</collection><collection>ProQuest Engineering Collection</collection><collection>Engineering Database</collection><collection>Publicly Available Content Database (Proquest) (PQ_SDU_P3)</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>Engineering collection</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Preda, Stere</au><au>Cuppens-Boulahia, Nora</au><au>Cuppens, Frederic</au><au>Garcia-Alfaro, Joaquin</au><au>Toutain, Laurent</au><format>book</format><genre>document</genre><ristype>GEN</ristype><atitle>Reliable Process for Security Policy Deployment</atitle><jtitle>arXiv.org</jtitle><date>2009-05-09</date><risdate>2009</risdate><eissn>2331-8422</eissn><abstract>We focus in this paper on the problem of configuring and managing network security devices, such as Firewalls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally specify the security requirements of a given system by using an expressive access control model. As a result, we obtain an abstract security policy, which is free of ambiguities, redundancies or unnecessary details. Second, we deploy such an abstract policy through a set of automatic compilations into the security devices of the system. This proposed deployment process not only simplifies the security administrator's job, but also guarantees a resulting configuration free of anomalies and/or inconsistencies.</abstract><cop>Ithaca</cop><pub>Cornell University Library, arXiv.org</pub><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier EISSN: 2331-8422
ispartof arXiv.org, 2009-05
issn 2331-8422
language eng
recordid cdi_proquest_journals_2087652947
source Publicly Available Content Database (Proquest) (PQ_SDU_P3)
subjects Access control
Anomalies
Cybersecurity
Electronic devices
Firewalls
Intrusion detection systems
IP (Internet Protocol)
Network security
Security management
Virtual private networks
title Reliable Process for Security Policy Deployment
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-25T22%3A21%3A29IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=document&rft.atitle=Reliable%20Process%20for%20Security%20Policy%20Deployment&rft.jtitle=arXiv.org&rft.au=Preda,%20Stere&rft.date=2009-05-09&rft.eissn=2331-8422&rft_id=info:doi/&rft_dat=%3Cproquest%3E2087652947%3C/proquest%3E%3Cgrp_id%3Ecdi_FETCH-proquest_journals_20876529473%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2087652947&rft_id=info:pmid/&rfr_iscdi=true