Policy-based networking: applications to firewall management

Cited by: 0
Authors
Caldeira, F
Monteiro, E
Affiliations
[1] Polytech Inst Viseu, ESTV, Dept Informat, P-3504510 Viseu, Portugal
[2] Univ Coimbra, CISUC, DEI, Lab Commun & Telemat, P-3030290 Coimbra, Portugal
Keywords
networking; computer security; firewall; network architecture; specification language; transmission protocol; decision rule;
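DOI
Not available
Chinese Library Classification number
TN [Electronic technology, communication technology];
Discipline classification code
0809 ;
Abstract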
This paper describes a policy-based approach to firewall management. The Policy-Based Networking (PBN) architecture proposed by the Policy Framework Group of the Internet Engineering Task Force (IETF) is analysed, together with the communication protocols, policy specification languages, and the necessary information models. An overview of the applicability of policy specification languages to the PBN architecture is presented, paying particular attention to the specification of security policies through the Security Policy Specification Language (SPSL). The Common Open Policy Service protocol (COPS) and its variant, COPS for Policy Provisioning (COPS-PR), both used for the transport of policy information, are also presented. The paper continues with a description of an application of the PBN architecture to firewall management. The proposed architecture is presented and its implementation issues are analysed with some usage examples. The paper concludes with the evaluation of the policy-based approach to firewall management.
Pages: 38 / 54
Number of pages: 17
Related papers
50 in total
  • [1] A policy-based approach to firewall management
    Caldeira, F
    Monteiro, E
    [J]. NETWORK CONTROL AND ENGINEERING FOR QOS, SECURITY AND MOBILITY, 2003, 107 : 115 - 126
  • [2] A Flexible Policy-Based Firewall Management Framework
    Wu Jin-hua
    Chen Xiao-su
    Zhao Yi-zhu
    Ni Jun
    [J]. PROCEEDINGS OF THE 2008 INTERNATIONAL CONFERENCE ON CYBERWORLDS, 2008, : 192 - 194
  • [3] Policy-based networking
    Chadha, R
    Lapiotis, G
    Wright, S
    [J]. IEEE NETWORK, 2002, 16 (02): : 8 - 9
  • [4] Policy-based management for enterprise and carrier ATN networking
    Volner, R
    Bores, P
    [J]. BEC 2004: Proceeding of the 9th Biennial Baltic Electronics Conference, 2004, : 315 - 318
  • [5] Policy-based management for enterprise and carrier IP networking
    Hamada, T
    Czezowski, P
    Chujo, T
    [J]. FUJITSU SCIENTIFIC & TECHNICAL JOURNAL, 2000, 36 (02): : 128 - 139
  • [6] Applications of policy-based network management
    Chadha, R
    [J]. NOMS 2004: IEEE/IFIP NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM: MANAGING NEXT GENERATION CONVERGENCE NETWORKS AND SERVICES, 2004, : 907 - 908
  • [7] Firewall analysis with policy-based host classification
    Marmorstein, Robert
    Kearns, Phil
    [J]. LISA 06: USENIX ASSOCIATION PROCEEDINGS OF THE 20TH LARGE INSTALLATION SYSTEM ADMINISTRATION CONFERENCE, 2006, : 41 - +
  • [8] Policy-based networking architecture for QoS interworking in IP management
    Blight, DC
    Hamada, T
    [J]. INTEGRATED NETWORK MANAGEMENT VI: DISTRIBUTED MANAGEMENT FOR THE NETWORKED MILLENNIUM, 1999, : 813 - 826
  • [9] Special issue on policy-based networking
    O'Reilly, P
    [J]. IEEE NETWORK, 2002, 16 (02): : 2 - 2
  • [10] Dynamic Policy-Based Routing using Firewall Rules
    Tantipongsakul, Kavin
    Khunkitti, Akharin
    [J]. 2009 THIRD UKSIM EUROPEAN SYMPOSIUM ON COMPUTER MODELING AND SIMULATION (EMS 2009), 2009, : 540 - 545