Semantic context aware security policy deployment
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Dynamic deployment of context-aware access control policies for constrained security devices
Journal of Systems and Software
With the development of enterprise intranets and cluster servers, many emerging security challenges could not be solved by a conventional firewall due to its inherent deficiencies. To address these security problems, we present a mobile-agent based distributed dynamic µFirewall architecture. In this architecture, special mobile agents implement dynamic security policy reconfiguration and enhance scalability. Each µFirewall is built with a packet filter and a DTE-enhanced evaluator to provide dual fine-grain protection at the individual host level. A distributed intrusion detection and response (DIDR) system provides fast response to both external and internal attacks, and allows adaptive change in security policy in the protected network. The DIDR system provides the infrastructure to support hierarchical intrusion response and dynamic security capabilities. The distributed security architecture is scalable, topology independent, and intrusion-tolerant.