Loading…
Reliable Process for Security Policy Deployment
We focus in this paper on the problem of configuring and managing network security devices, such as Firewalls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally specify the security requirements of a given system by using...
Saved in:
Published in: | arXiv.org 2009-05 |
---|---|
Main Authors: | , , , , |
Format: | Article |
Language: | English |
Subjects: | |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
cited_by | |
---|---|
cites | |
container_end_page | |
container_issue | |
container_start_page | |
container_title | arXiv.org |
container_volume | |
creator | Preda, Stere Cuppens-Boulahia, Nora Cuppens, Frederic Garcia-Alfaro, Joaquin Toutain, Laurent |
description | We focus in this paper on the problem of configuring and managing network security devices, such as Firewalls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally specify the security requirements of a given system by using an expressive access control model. As a result, we obtain an abstract security policy, which is free of ambiguities, redundancies or unnecessary details. Second, we deploy such an abstract policy through a set of automatic compilations into the security devices of the system. This proposed deployment process not only simplifies the security administrator's job, but also guarantees a resulting configuration free of anomalies and/or inconsistencies. |
format | article |
fullrecord | <record><control><sourceid>proquest</sourceid><recordid>TN_cdi_proquest_journals_2087652947</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2087652947</sourcerecordid><originalsourceid>FETCH-proquest_journals_20876529473</originalsourceid><addsrcrecordid>eNpjYuA0MjY21LUwMTLiYOAtLs4yMDAwMjM3MjU15mTQD0rNyUxMyklVCCjKT04tLlZIyy9SCE5NLi3KLKlUCMjPyUyuVHBJLcjJr8xNzSvhYWBNS8wpTuWF0twMym6uIc4eugVF-YWlqcUl8Vn5pUV5QKl4IwMLczNTI0sTc2PiVAEAONYy5w</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2087652947</pqid></control><display><type>article</type><title>Reliable Process for Security Policy Deployment</title><source>Publicly Available Content Database (Proquest) (PQ_SDU_P3)</source><creator>Preda, Stere ; Cuppens-Boulahia, Nora ; Cuppens, Frederic ; Garcia-Alfaro, Joaquin ; Toutain, Laurent</creator><creatorcontrib>Preda, Stere ; Cuppens-Boulahia, Nora ; Cuppens, Frederic ; Garcia-Alfaro, Joaquin ; Toutain, Laurent</creatorcontrib><description>We focus in this paper on the problem of configuring and managing network security devices, such as Firewalls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally specify the security requirements of a given system by using an expressive access control model. As a result, we obtain an abstract security policy, which is free of ambiguities, redundancies or unnecessary details. Second, we deploy such an abstract policy through a set of automatic compilations into the security devices of the system. This proposed deployment process not only simplifies the security administrator's job, but also guarantees a resulting configuration free of anomalies and/or inconsistencies.</description><identifier>EISSN: 2331-8422</identifier><language>eng</language><publisher>Ithaca: Cornell University Library, arXiv.org</publisher><subject>Access control ; Anomalies ; Cybersecurity ; Electronic devices ; Firewalls ; Intrusion detection systems ; IP (Internet Protocol) ; Network security ; Security management ; Virtual private networks</subject><ispartof>arXiv.org, 2009-05</ispartof><rights>2009. This work is published under http://arxiv.org/licenses/nonexclusive-distrib/1.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://www.proquest.com/docview/2087652947?pq-origsite=primo$$EHTML$$P50$$Gproquest$$Hfree_for_read</linktohtml><link.rule.ids>780,784,25753,37012,44590</link.rule.ids></links><search><creatorcontrib>Preda, Stere</creatorcontrib><creatorcontrib>Cuppens-Boulahia, Nora</creatorcontrib><creatorcontrib>Cuppens, Frederic</creatorcontrib><creatorcontrib>Garcia-Alfaro, Joaquin</creatorcontrib><creatorcontrib>Toutain, Laurent</creatorcontrib><title>Reliable Process for Security Policy Deployment</title><title>arXiv.org</title><description>We focus in this paper on the problem of configuring and managing network security devices, such as Firewalls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally specify the security requirements of a given system by using an expressive access control model. As a result, we obtain an abstract security policy, which is free of ambiguities, redundancies or unnecessary details. Second, we deploy such an abstract policy through a set of automatic compilations into the security devices of the system. This proposed deployment process not only simplifies the security administrator's job, but also guarantees a resulting configuration free of anomalies and/or inconsistencies.</description><subject>Access control</subject><subject>Anomalies</subject><subject>Cybersecurity</subject><subject>Electronic devices</subject><subject>Firewalls</subject><subject>Intrusion detection systems</subject><subject>IP (Internet Protocol)</subject><subject>Network security</subject><subject>Security management</subject><subject>Virtual private networks</subject><issn>2331-8422</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2009</creationdate><recordtype>article</recordtype><sourceid>PIMPY</sourceid><recordid>eNpjYuA0MjY21LUwMTLiYOAtLs4yMDAwMjM3MjU15mTQD0rNyUxMyklVCCjKT04tLlZIyy9SCE5NLi3KLKlUCMjPyUyuVHBJLcjJr8xNzSvhYWBNS8wpTuWF0twMym6uIc4eugVF-YWlqcUl8Vn5pUV5QKl4IwMLczNTI0sTc2PiVAEAONYy5w</recordid><startdate>20090509</startdate><enddate>20090509</enddate><creator>Preda, Stere</creator><creator>Cuppens-Boulahia, Nora</creator><creator>Cuppens, Frederic</creator><creator>Garcia-Alfaro, Joaquin</creator><creator>Toutain, Laurent</creator><general>Cornell University Library, arXiv.org</general><scope>8FE</scope><scope>8FG</scope><scope>ABJCF</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>HCIFZ</scope><scope>L6V</scope><scope>M7S</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>PTHSS</scope></search><sort><creationdate>20090509</creationdate><title>Reliable Process for Security Policy Deployment</title><author>Preda, Stere ; Cuppens-Boulahia, Nora ; Cuppens, Frederic ; Garcia-Alfaro, Joaquin ; Toutain, Laurent</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-proquest_journals_20876529473</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2009</creationdate><topic>Access control</topic><topic>Anomalies</topic><topic>Cybersecurity</topic><topic>Electronic devices</topic><topic>Firewalls</topic><topic>Intrusion detection systems</topic><topic>IP (Internet Protocol)</topic><topic>Network security</topic><topic>Security management</topic><topic>Virtual private networks</topic><toplevel>online_resources</toplevel><creatorcontrib>Preda, Stere</creatorcontrib><creatorcontrib>Cuppens-Boulahia, Nora</creatorcontrib><creatorcontrib>Cuppens, Frederic</creatorcontrib><creatorcontrib>Garcia-Alfaro, Joaquin</creatorcontrib><creatorcontrib>Toutain, Laurent</creatorcontrib><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>Materials Science & Engineering Collection</collection><collection>ProQuest Central (Alumni)</collection><collection>ProQuest Central</collection><collection>ProQuest Central Essentials</collection><collection>AUTh Library subscriptions: ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>SciTech Premium Collection (Proquest) (PQ_SDU_P3)</collection><collection>ProQuest Engineering Collection</collection><collection>Engineering Database</collection><collection>Publicly Available Content Database (Proquest) (PQ_SDU_P3)</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>Engineering collection</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Preda, Stere</au><au>Cuppens-Boulahia, Nora</au><au>Cuppens, Frederic</au><au>Garcia-Alfaro, Joaquin</au><au>Toutain, Laurent</au><format>book</format><genre>document</genre><ristype>GEN</ristype><atitle>Reliable Process for Security Policy Deployment</atitle><jtitle>arXiv.org</jtitle><date>2009-05-09</date><risdate>2009</risdate><eissn>2331-8422</eissn><abstract>We focus in this paper on the problem of configuring and managing network security devices, such as Firewalls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally specify the security requirements of a given system by using an expressive access control model. As a result, we obtain an abstract security policy, which is free of ambiguities, redundancies or unnecessary details. Second, we deploy such an abstract policy through a set of automatic compilations into the security devices of the system. This proposed deployment process not only simplifies the security administrator's job, but also guarantees a resulting configuration free of anomalies and/or inconsistencies.</abstract><cop>Ithaca</cop><pub>Cornell University Library, arXiv.org</pub><oa>free_for_read</oa></addata></record> |
fulltext | fulltext |
identifier | EISSN: 2331-8422 |
ispartof | arXiv.org, 2009-05 |
issn | 2331-8422 |
language | eng |
recordid | cdi_proquest_journals_2087652947 |
source | Publicly Available Content Database (Proquest) (PQ_SDU_P3) |
subjects | Access control Anomalies Cybersecurity Electronic devices Firewalls Intrusion detection systems IP (Internet Protocol) Network security Security management Virtual private networks |
title | Reliable Process for Security Policy Deployment |
url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-25T22%3A21%3A29IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=document&rft.atitle=Reliable%20Process%20for%20Security%20Policy%20Deployment&rft.jtitle=arXiv.org&rft.au=Preda,%20Stere&rft.date=2009-05-09&rft.eissn=2331-8422&rft_id=info:doi/&rft_dat=%3Cproquest%3E2087652947%3C/proquest%3E%3Cgrp_id%3Ecdi_FETCH-proquest_journals_20876529473%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2087652947&rft_id=info:pmid/&rfr_iscdi=true |