Title :
CLID: A general approach to validate security policies in a dynamic network
Author :
Yang, Yanyan ; Martel, Charles U. ; Wu, S. Felix
Author_Institution :
Dept. of Comput. Sci., Univ. of California, Davis, CA
fDate :
May 21 2007 - May 25 2007
Abstract :
Many researchers have considered security policy management, including how to configure policies manually and even how to automatically generate security policies based on security requirements. Both can be error prone, especially when properties of the network topology change, because security requirements are usually not bound to any particular route path. Our DETER lab emulation results show that conflicts could be caused by these factors. Therefore, a systematic way to validate the correctness of the security policies is essential. This paper presents an approach, CLID (conflict and looping identification and detection), to verify whether a set of security policies (e.g. IPSec/VPN tunnels) satisfies the given security requirements without causing any conflicts. This approach extends the definition of a security policy to include network routing data as well as traffic selector information, so it works for general network topologies. We also analyze and justify the correctness of the approach. The paper concludes with our simulation results and addresses future work.
Keywords :
IP networks; protocols; telecommunication network management; telecommunication network routing; telecommunication network topology; telecommunication security; telecommunication traffic; virtual private networks; CLID; IP layer security protocol; IPSec/VPN tunnel; dynamic network security policy; end-to-end traffic flow; network routing path; network security policy management; network topology; Authentication; Computer security; Cryptography; Data security; Information security; Interference; Network topology; Routing; Telecommunication traffic; Virtual private networks;
Conference_Titel :
Integrated Network Management, 2007. IM '07. 10th IFIP/IEEE International Symposium on
Conference_Location :
Munich
Print_ISBN :
1-4244-0798-2
Electronic_ISBN :
1-4244-0799-0
DOI :
10.1109/INM.2007.374764