Information Model for Policy-Based Network Security Management

  • Authors: Sook-Yeon Kim; Myung-Eun Kim; Kiyoung Kim; Jongsoo Jang

  • Venue: ICOIN '02 Revised Papers from the International Conference on Information Networking, Wireless Communications Technologies and Network Applications-Part I
  • Year: 2002

Abstract

Policy Based Network Management (PBNM) for network security has received much attention as a solution to consistent and unified management of security systems including IDS (Intrusion Detection System) and Firewall. In this paper, we define NSPIM (Network Security Policy Information Model) as a framework for the representation, editing, storage, and reuse of policies for intrusion detection and response in the PBNM. NSPIM forces each component of PBNM for network security to be flexible and extensible. NSPIM induces the operational structure of PMT (Policy Management Tool) and the data schema of PR (Policy Repository). In addition, policy provisioning objects between PDP (Policy Decision Point) and PEP (Policy Enforcement Point) can be defined based on NSPIM.