Directed Security Policies: A Stateful Network Implementation
نویسندگان
چکیده
منابع مشابه
Directed Security Policies: A Stateful Network Implementation
Large systems are commonly internetworked. A security policy describes the communication relationship between the networked entities. The security policy defines rules, for example that A can connect to B, which results in a directed graph. However, this policy is often implemented in the network, for example by firewalls, such that A can establish a connection to B and all packets belonging to...
متن کاملFormal Implementation of Network Security Policies
This paper introduces an algebraic approach that aims to enforce a security policy on a given computer network. More precisely, given a network and a security policy, we want to automatically generate the necessary monitors (a single fire-wall or many ones where each of them controls a part of the networks) that force the network to be secure according to the security policy definition. In this...
متن کاملDeriving IPSec Network Security Policies from Organization Security Policies
This paper presents a new model for describing IPSec policies that can be derived by using classifications assigned to information flows. The classifications assigned to information flows are assigned in accordance with NIST information security guidelines.
متن کاملDeriving IPSec Network Security Policies from Organization Security Policies
This paper presents a new model for describing IPSec policies that can be derived by using classifications assigned to information flows. The classifications assigned to information flows are assigned in accordance with NIST information security guidelines.
متن کاملStateful Security Protocol Verification
A long-standing research problem in security protocol design is how to efficiently verify security protocols with tamper-resistant global states. In this paper, we address this problem by first proposing a protocol specification framework, which explicitly represents protocol execution states and state transformations. Secondly, we develop an algorithm for verifying security properties by utili...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Electronic Proceedings in Theoretical Computer Science
سال: 2014
ISSN: 2075-2180
DOI: 10.4204/eptcs.150.3