A Dynamic and Self-Adaptive Network Security Policy Realization Mechanism

Using high-level security policy rules to regulate low-level system, the security management system with a high level of expansibility and flexibility was made. For purpose of managing network security policy duly and flexibly in the complex network environment, and resolving its issue efficiency, a dynamic and self-adaptive security policy realization mechanism is proposed. The accident monitor and policy life-cycle are put forward, and the impact of safety equipment or user requests, such as system resources found on the flow control can be calculated automatically. The system can independently carry out a dynamic, flexible and real-time to adjust and control in the network environment and security needs change. The distribution model is given to response policy request rapidly, take the appropriate policy dissemination methods, and reduce PDP computing tasks, system resource consumption, which introduces the concepts of issue affecting factors, security domain addresses allocation, etc. Expression and making ways of the structure-dissimilarity policy faced on attribute characters and operation are analyzed emphatically. The effectiveness of the proposed model and algorithms is proved by experiments.