Referenced Items are not available for this document.
Network security policy enforcement consists in configuring heterogeneous security mechanisms (IPsec gateways, ACLs on routers, stateful firewalls, proxies, etc) that are available in a given network environment. The complexity of this task resides in the number, the nature, and the interdependence of the mechanisms to consider. Although several researchers have proposed different analysis tools, achieving this task requires experienced and proficient security administrators who can handle all these parameters today. We propose in the article a mathematical data flow oriented modelling approach in order to detect inconsistencies between security mechanisms. Our model is independent from specific security mechanisms to admit of their diversity, and also future security mechanisms not yet available. In addition, it allows fine-grained inconsistency analysis.
Published in:
Network and Information Systems Security (SAR-SSI), 2011 Conference on
Date of Conference: 18-21 May 2011
- Page(s):
- 1 - 7
- Print ISBN:
- 978-1-4577-0735-3
- INSPEC Accession Number:
- 12130952
- Conference Location :
- La Rochelle
- Digital Object Identifier :
- 10.1109/SAR-SSI.2011.5931390
- Product Type:
- Conference Publications
About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies
A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.
