Layered multipoint network defense and security policy enforcement

نویسنده

  • Stephen D. Wolthusen
چکیده

This paper discusses the enhancement of security in general purpose operating systems, especially related to threats caused by internetworking, using extensions to operating systems. Such mechanisms have a significantly larger basis for reaching security policy decisions than older host-level security mechanisms and firewalls. By layering defensive mechanisms yet enforcing a consistent security policy across the security layers, goals such as workload distribution, vulnerability compartmentalization, and hierarchical refinement of security policies can be achieved. Keywords— Security Policy, Operating System Extension, Firewalling, Access Control, Auditing

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Service Dependencies-Aware Policy Enforcement Framework Based on Hierarchical Colored Petri Net

As computer and network security threats become more sophisticated and the number of service dependencies is increasing, optimal response decision is becoming a challenging task for security administrators. They should deploy and implement proper network security policy enforcement mechanisms in order to apply the appropriate countermeasures and defense strategy. In this paper, we propose a nov...

متن کامل

Security Policy Definition and Enforcement in Distributed Systems

Security Policy Definition and Enforcement in Distributed Systems

متن کامل

Layered Security Framework for Intrusion Prevention

Internet provides huge information and value to the users but at the same time access to the internet is prone to increasing number of attacks. Due to vulnerabilities in the network system, protecting network from malicious activities is prime concern today. It is important to analyse vulnerabilities and record them so that future attacks can be predicted. In this paper vulnerabilities which ex...

متن کامل

Layered Defense in Depth Model for IT Organizations

Security methodologies are constantly changing and improving hence becoming a challenge for IT organization to keep their posture up-to-date and effective. It may be productive to examine different security postures to create and improve organization’s information security architecture. This paper discusses about defense in depth model and strategy to implement it effectively. Also fructificati...

متن کامل

Virtual Private Services: Coordinated Policy Enforcement for Distributed Applications

Large scale distributed applications combine network access with multiple storage and computational elements. The distributed responsibility for resource control creates new security issues, caused by the complexity of the operating environment. In particular, policies at multiple layers and locations force conventional mechanisms such as firewalls and compartmented file storage into roles wher...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2001