Title :
Managing network security-a pragmatic approach
Author :
Falk, Rainer ; Trommer, Markus
Author_Institution :
Inst. for Data Process., Tech. Univ. Munchen, Germany
Abstract :
An efficient management is needed to make use of different security mechanisms in large networks. All mechanisms have to be configured consistently according to the security policy. To reduce complexity, the administrator should not have to cope with details not important for him. In the presented concept the network is divided into several administrative domains which are managed rather independently from each other. Each domain maintains its own network access control policy (NAP). The enterprise-wide policy is a combination of all NAPs. It is enforced by different security mechanisms and configuration can be derived from the global access policy automatically. Existing security mechanisms can be integrated by simply adding a policy transformation unit
Keywords :
computer network management; security of data; telecommunication security; wide area networks; enterprise-wide policy; global access policy; large networks; network access control policy; network security management; policy transformation unit; security policy; Access control; Collaborative work; Data processing; Data security; Face; Filters; Humans; Information management; Information security; Workstations;
Conference_Titel :
Reliable Distributed Systems, 1998. Proceedings. Seventeenth IEEE Symposium on
Conference_Location :
West Lafayette, IN
Print_ISBN :
0-8186-9218-9
DOI :
10.1109/RELDIS.1998.740530
