| Name: | Description: | Size: | Format: | |
|---|---|---|---|---|
| 2.39 MB | Adobe PDF |
Authors
Advisor(s)
Abstract(s)
This paper describes a policy-based approach to firewall management. The Policy-Based Networking (PBN) architecture proposed by the Policy Framework Group of lnternet Engineering Task Force (1ETF) is analysed, together with the communication protocols, policy specification languages, and the necessary information models. An overview of policy specification languages applicability to PBN architecture is presented paying particular attention to the specification of security policies through Security Policy Specification Language (SPSL). The Common Open Policy Service protocol (coPs) and its variant, coPs for Policy provisioning (COPS-PR), both used for the transport of policy information, are also presented. The paper continues with a description of an application of the PBN architecture to firewall management. The proposed architecture is presented and its implementation issues are analysed with some usage examples. The paper concludes with the evaluation of the policybased approach to firewall management.
Description
Keywords
Networking Computer security Firewall Network architecture Specification language Transmission protocol Decision rule