Cryptography and Network Security: Principles and Practice
Cryptography and Network Security: Principles and Practice
IPSec/VPN Security Policy: Correctness, Conflict Detection, and Resolution
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
ZERO-conflict: a grouping-based approach for automatic generation of IPSec/VPN security policies
DSOM'06 Proceedings of the 17th IFIP/IEEE international conference on Distributed Systems: operations and management
Hi-index | 0.00 |
IPsec (IP security) will function correctly only if its security policies satisfy all the requirements. If the security policies cannot meet a set of consistent requirements, we said there are policy conflicts. In this paper, we analyze all situations which could possibly lead to a policy conflict and try to resolve all of them. We induce only two situations which could cause conflicts and also propose an algorithm to automatically generate conflict-free policies which satisfy all requirements. We also implement our algorithm and compare the results of simulation with the other approaches and show that it outperforms existing approaches in the literature.