A New Method for Creating Efficient Security Policies in Virtual Private Network
نویسندگان
چکیده
One of the most important protocols for implementing tunnels in order to take action of secure virtual private network is IPsec protocol. IPsec policies are used widely in order to limit access to information in security gateways or firewalls. The security treatment, namely (Deny, Allow or Encrypt) is done for outbound as well as inbound traffic by security policies. It is so important that they adjust properly. The current methods for security policies creation as seen in given security requirements are not efficient enough i.e. there are much more created policies than requirements. In this paper, we define a new method to decrease adopted security policies for a specific set of security requirements without any undesirable effect. Our measurement shows that security policies creation will be improved efficiently, and their updating time will be decreased.
منابع مشابه
Design and Implementation of Virtual Private Services
Large scale distributed applications such as electronic commerce and online marketplaces (e.g., auction services) combine network access with multiple storage and computational elements. The distributed responsibility for resource control creates new security and privacy issues, caused by the complexity of the operating environment. In particular, policies at multiple layers and locations force...
متن کاملVirtual Private Services: Coordinated Policy Enforcement for Distributed Applications
Large scale distributed applications combine network access with multiple storage and computational elements. The distributed responsibility for resource control creates new security issues, caused by the complexity of the operating environment. In particular, policies at multiple layers and locations force conventional mechanisms such as firewalls and compartmented file storage into roles wher...
متن کاملToward an energy efficient PKC-based key management system for wireless sensor networks
Due to wireless nature and hostile environment, providing of security is a critical and vital task in wireless sensor networks (WSNs). It is known that key management is an integral part of a secure network. Unfortunately, in most of the previous methods, security is compromised in favor of reducing energy consumption. Consequently, they lack perfect resilience and are not fit for applications ...
متن کاملDynamic Virtual Private Networks
We extend traditional Virtual Private Networks (VPNs) with fault-tolerance and dynamic membership properties, deening a Dynamic Virtual Private Network (DVPN). We require no new hardware and make no special assumptions about line security. An implementation exhibits low overheard, provides guarantees of authenticity and conndentiality to any IP application running over the virtual network. Our ...
متن کاملCongestion estimation of router input ports in Network-on-Chip for efficient virtual allocation
Effective and congestion-aware routing is vital to the performance of network-on-chip. The efficient routing algorithm undoubtedly relies on the considered selection strategy. If the routing function returns a number of more than one permissible output ports, a selection function is exploited to choose the best output port to reduce packets latency. In this paper, we introduce a new selection s...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2008