Abstract
Enterprise security management system proposed to properly manage heterogeneous security products is the security management infrastructure designed to avoid needless duplications of management tasks and inter-operate those security products effectively. In this paper, we defined the hierarchical policy model and the detection algorithm of policy conflict for managing heterogeneous firewall systems. It is designed to help security management build invulnerable security policies that can unify various existing management infrastructures of security policies. Its goal is not only to improve security strength and increase the management efficiency and convenience but also to make it possible to include different security management infrastructures while building security policies. With the process of the detection and resolution for policy conflict, it is possible to integrate heterogeneous security policies and guarantee the integrity of them by avoiding conflicts or duplications among security policies. And further, it provides convenience to manage many security products existing in large network.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
An Introduction to Computer Security: The NIST Handbook, NIST Special Publication 800-12 (January 1)
A Study on the Development of Countermeasure Technologies against Hacking and Intrusion in Computer Network Systems, KISA final development report (January 1999)
Cheswick, W.R., Bellovin, S.M.: Firewalls and Internet Security: repelling the willy hacker. Addison-Wesley, Reading (1994)
ISO 7498-2, Information processing systems-Open Systems Interconnection – Basic Reference Model—Part 2: Security Architecture
Lee, D.Y., Kim, D.S., Pang, K.H., Kim, H.S., Chung, T.M.: Web-based integrated security management system using SNMP. KNOM Review 2(1), 1167–1171 (1999)
Lee, D.Y., Kim, D.S., Pang, K.H., Kim, H.S., Chung, T.M.: A Design of Scalable SNMP Agent for Managing Heterogeneous Security Systems. In: NOMS, April 10-15 (2000)
Kim, K.H., Kim, D.S., Chung, T.M.: The Firewall Selection Algorithm for Integrated Security Management. In: Proceedings of The International Conference on Information Networking(ICOIN), February 2003, vol. II, pp. 940–949 (2003)
Kim, Y., Song, E.: Privacy-aware Role Based Access Control Model: Revisited for Multi-Policy Conflict Detection (2010)
Moffett, J., Sloman, M.S.: Policy Conflict Analysis in Distributed System Management. Journal of Organizational Computing 4(1), 1–22 (1994)
Lupu, E.C., Sloman, M.: Conflicts in Policy-Based Distributed Systems Management. Journal of IEEE Transaction on Software Engineering 25(6), 852–869 (1999)
Lupu, E., Sloman, M.: Conflict Analysis for Management Policies. In: International Symposium on Integrated Network Management IM 1997, pp. 430–443 (1997)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lee, D., Ahn, SS., Kim, M. (2011). A Study on Hierarchical Policy Model for Managing Heterogeneous Security Systems. In: Murgante, B., Gervasi, O., Iglesias, A., Taniar, D., Apduhan, B.O. (eds) Computational Science and Its Applications - ICCSA 2011. ICCSA 2011. Lecture Notes in Computer Science, vol 6785. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21898-9_19
Download citation
DOI: https://doi.org/10.1007/978-3-642-21898-9_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-21897-2
Online ISBN: 978-3-642-21898-9
eBook Packages: Computer ScienceComputer Science (R0)