Title :
Methodology for network security design
Author :
Graft, Donald ; Pabrai, Mohnish ; Pabrai, Uday
Author_Institution :
Tellabs Inc., Lisle, IL, USA
Abstract :
A methodology for the design of network security based on the ISO 7498-2 security architecture is defined. The methodology enforces a problem-centered approach by explicitly defining separate specification, design, and implementation phases. In the specification phase, design constraints are identified and the required services are determined. In the design phase, the services are placed within the security architecture, the service primitives are defined, and the underlying service mechanisms and protocols are designed. In the implementation phase, a hardware and software solution is developed, the system is tested and verified, and required accreditation and certification are obtained. The methodology is illustrated by considering an application for an imaginary company. General conclusions regarding the feasibility of defining a network security methodology are presented
Keywords :
computer networks; protocols; security of data; ISO 7498-2 security architecture; design; design constraints; implementation phases; methodology; network security design; problem-centered approach; protocols; specification; Accreditation; Application software; Certification; Computer architecture; Design methodology; Hardware; ISO standards; Protocols; Software testing; System testing;
Conference_Titel :
Computers and Communications, 1990. Conference Proceedings., Ninth Annual International Phoenix Conference on
Conference_Location :
Scottsdale, AZ
Print_ISBN :
0-8186-2030-7
DOI :
10.1109/PCCC.1990.101685
