Analyzing consistency of security policies

Cholvy, Laurence; Cuppens, Frédéric

doi:10.1109/secpri.1997.601324

Cited by 69 publications

(57 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Because disagreements naturally arise among administrators, FSL was designed so that those disagreements would manifest as conflicts in policies [53,36,12,10,24,27,48,11,7]. Conflicts between policy modules entered by different administrators can be detected by automated methods [44,7,36] that can be built into policy management tools.…”

Section: Related Workmentioning

confidence: 99%

Evolution of the Ethane Architecture

Casado¹,

Shenker²

2009

View full text Add to dashboard Cite

Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden to

show abstract

Section: Related Workmentioning

confidence: 99%

Evolution of the Ethane Architecture

Casado¹,

Shenker²

2009

View full text Add to dashboard Cite

show abstract

“…The developed algorithm can detect all possible conflicts among IPSec policies in a distributed environment. The consistency analysis of security policies in [15] focuses on access control policy while our work focuses on topologically interacted IPSec policies.…”

Section: Related Workmentioning

confidence: 99%

IPSec/VPN Security Policy: Correctness, Conflict Detection, and Resolution

Huang³

et al. 2001

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. IPSec (Internet Security Protocol Suite) functions will be executed correctly only if its policies are correctly specified and configured. Manual IPSec policy configuration is inefficient and error-prone. An erroneous policy could lead to communication blockade or serious security breach. In addition, even if policies are specified correctly in each domain, the diversified regional security policy enforcement can create significant problems for end-to-end communication because of interaction among policies in different domains. A policy management system is, therefore, demanded to systematically manage and verify various IPSec policies in order to ensure an end-to-end security service. This paper contributes to the development of an IPSec policy management system in two aspects. First, we defined a high-level security requirement, which not only is an essential component to automate the policy specification process of transforming from security requirements to specific IPSec policies but also can be used as criteria to detect conflicts among IPSec policies, i.e. policies are correct only if they satisfy all requirements. Second, we developed mechanisms to detect and resolve conflicts among IPSec policies in both intradomain and inter-domain environment.

show abstract

“…Most prior work in the policy field can be divided into three major categories: policy specification [3,5], resolving policy conflicts [6,7], and distributed enforcement [8,9].…”

Section: Related Workmentioning

confidence: 99%

“…Cholvy, et al [7] describe a method for resolving that inconsistency and show that the problem is exacerbated in large-scale networks. As with PolicyMaker and SPKI, this method may facilitate path-based access control but it does not provide the information transfer necessary for resolving violated system administrator assumptions.…”

Section: Related Workmentioning

confidence: 99%

Path-Based Access Control for Enterprise Networks

Burnside

Keromytis

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Enterprise networks are ubiquitious and increasingly complex. The mechanisms for defining security policies in these networks have not kept up with the advancements in networking technology. In most cases, system administrators define policies on a per-application basis, and subsequently, these policies do not interact. For example, there is no mechanism that allows a web server to communicate decisions based on its ruleset to a firewall in front of it, even though decisions being made at the web server may be relevant to decisions at the firewall. In this paper, we describe a path-based access control system for serviceoriented architecture (SOA)-style networks which allows services to pass access-control-related information to neighboring services, as the services process requests from outsiders and from each other. Path-based access control defends networks against a class of attacks wherein individual services make correct access control decisions but the resulting global network behavior is incorrect. We demonstrate the system in two forms, using graph-based policies and by leveraging the KeyNote trust management system.

show abstract

Analyzing consistency of security policies

Cited by 69 publications

References 8 publications

Evolution of the Ethane Architecture

Evolution of the Ethane Architecture

IPSec/VPN Security Policy: Correctness, Conflict Detection, and Resolution

Path-Based Access Control for Enterprise Networks

Contact Info

Product

Resources

About