Title :
Policy modeling and refinement for network security systems
Author :
De Albuquerque, João Porto ; Krumm, Heiko ; De Geus, Paulo Lício
Author_Institution :
Inst. of Comput., State Univ. of Campinas, Brazil
Abstract :
In today´s network environments the integrated design and management of different security technologies and mechanisms are of great interest. Especially in large networks, the security management should be supported by approaches with an appropriate level of abstraction, such that a system can be considered independently of the complex configuration details of its various component mechanisms. Furthermore, the employment of the security services and the design of their configurations should be supported by a structured technique that separates the consideration of the system as a whole from the detailed design of the subsystems. Pursuing these goals, this papers offers an approach to modeling network security systems, based on the concepts of policy-based management and model-based management, and analyzes the policy representation and refinement as well as the model validation enabled by this modeling.
Keywords :
computer network management; configuration management; formal specification; security of data; configuration design; model validation; model-based management; network security systems; policy modeling; policy refinement; policy-based management; security management; security services; Buildings; Computer network management; Computer networks; Computerized monitoring; Costs; Employment; Environmental management; Protection; Security; Technology management;
Conference_Titel :
Policies for Distributed Systems and Networks, 2005. Sixth IEEE International Workshop on
Print_ISBN :
0-7695-2265-3
DOI :
10.1109/POLICY.2005.24
