IPsec/VPN security policy correctness and assurance

12 years 9 months ago
IPsec/VPN security policy correctness and assurance
: With IPSec/VPN policies being widely deployed, how to correctly specify and configure them is critical in enforcing security requirements. Under current practice, IPSec/VPN policies are usually specified manually by system administrators and thus prone to errors. However, dynamic aspects in the network may interfere with the existing policy set up and thus cause unexpected conflict. To deal with these problems, we formally define IPSec security requirements, policies, and their correctness criteria. Based on these definitions, we present an inter-domain architecture to automatically generate correct and efficient security policies. Our approach works when we are given a set of security requirements for a single end-to-end traffic flow. We can also deal with changes when new security requirements are added. Finally, we present simulation results which evaluate the performance of our solutions. Keyword: IPSec/VPN Security Policy, Security Requirement, Security Policy Correctness, Secur...
Yanyan Yang, Charles U. Martel, Zhi (Judy) Fu, Shy
Added 13 Dec 2010
Updated 13 Dec 2010
Type Journal
Year 2006
Where JHSN
Authors Yanyan Yang, Charles U. Martel, Zhi (Judy) Fu, Shyhtsun Felix Wu
Comments (0)