Please use this identifier to cite or link to this item:
|Title:||Reliable Process for Security Policy Deployment|
García Alfaro, Joaquín
|Others:||K-ryptography and Information Security for Open Networks. KISON|
|Citation:||Preda, S.; Cuppens, N.; Cuppens, F.; García-Alfaro, J.; Navarro, G.; Tourain, L. (2007). "Reliable Process for Security Policy Deployment". In: International Conference on Security and Cryptography (Secrypt 2007). INSTICC. Barcelona. 28 - 31 July.|
|Abstract:||We focus in this paper on the problem of configuring and managing network security devices, such as Fire- walls, Virtual Private Network (VPN) tunnels, and Intrusion Detection Systems (IDSs). Our proposal is the following. First, we formally specify the security requirements of a given system by using an expressive access control model. As a result, we obtain an abstract security policy, which is free of ambiguities, redundancies or unnecessary details. Second, we deploy such an abstract policy through a set of automatic compilations into the security devices of the system. This proposed deployment process not only simplifies the security administrator's job, but also guarantees a resulting configuration free of anomalies and/or inconsistencies.|
|Appears in Collections:||Conference lectures|
Items in repository are protected by copyright, with all rights reserved, unless otherwise indicated.