The Specification and Enforcement of Advanced Security Policies
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
An Adaptive Policy-Based Framework for Network Services Management
Journal of Network and Systems Management
Joint Policy Management and Auditing in Virtual Organizations
GRID '03 Proceedings of the 4th International Workshop on Grid Computing
First experiences using XACML for access control in distributed systems
Proceedings of the 2003 ACM workshop on XML security
Visual Modelling of Role-Based Security Policies in Distributed Multimedia Applications
ISMSE '04 Proceedings of the IEEE Sixth International Symposium on Multimedia Software Engineering
A Network Access Control Approach Based on the AAA Architecture and Authorization Attributes
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17 - Volume 18
The development of policy proxy agent in policy-based network security management system
ISP'06 Proceedings of the 5th WSEAS International Conference on Information Security and Privacy
Towards a corporate IT risk management model
ISP'07 Proceedings of the 6th WSEAS international conference on Information security and privacy
Security and management policy specification
IEEE Network: The Magazine of Global Internetworking
The communication unit of measuring device in power engineering
WSEAS TRANSACTIONS on COMMUNICATIONS
Hi-index | 0.01 |
Private access to corporate servers from Internet can be achieved using various security mechanisms. This article presents a network access control mechanism that employs a policy management architecture empowered with dynamic firewalls. With the existence of such an architecture, system and/or network administrators do not need to reconfigure firewalls when there is a location change in user settings, reconfiguration will be automatic and seamless. The proposed architecture utilizes dynamic firewalls, which adapt their policies according to user locations through the guidance of a policy server. This architecture is composed of a VPN client at user site, a domain firewall with VPN capabilities, a policy server containing a policy decision engine, and policy agents residing in dynamic firewalls, which map policy server decisions to firewall policy rules, at server site.