A network security policy model and its realization mechanism

Authors:
Chenghua Tang;Shuping Yao;Zhongjie Cui;Limin Mao
Affiliations:
Lab of Computer Network Defense Technology, Beijing Institute of Technology, Beijing, P.R.China;Lab of Computer Network Defense Technology, Beijing Institute of Technology, Beijing, P.R.China;Lab of Computer Network Defense Technology, Beijing Institute of Technology, Beijing, P.R.China;Lab of Computer Network Defense Technology, Beijing Institute of Technology, Beijing, P.R.China
Venue:
Inscrypt'06 Proceedings of the Second SKLOIS conference on Information Security and Cryptology
Year:
2006

Citing 4
Cited 0

Role-Based Access Control Models

Computer
Configuring role-based access control to enforce mandatory and discretionary access control policies

ACM Transactions on Information and System Security (TISSEC)
Detecting Conflicts in a Role-Based Delegation Model

ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Realizing Network Control Policies Using Distributed Action Plans

Journal of Network and Systems Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

The large-scale network environment incarnates interconnection of different security domains. There are different security policies in the domain or among the domains, and conflicts can arise in the set of policies which lack of trust and consultation. A network security policy model is proposed in this paper. By defining and describing security policy and domain, the policies' integrity, validity, consistency, conflicts detecting, resolving and releasing are studied. The policy implementation mechanism is based on rule engine. This paper gives the achieve steps and efficiency analysis. The technology can be adapted to establishing and controlling the policy service in the extensive network environment.