Abstract
With the explosive growth of Internet connectivity that includes not only end-hosts but also pervasive devices, secure and reliable Internet becomes a requirement for enterprises as well as home users. Although a significant effort has been made by the research community to develop defense techniques against security attacks, efficient management of security configuration has been overlooked. Network security devices, such as Firewalls, IPSec gateways, Intrusion Detection and Prevention Systems, as well as end-host access control servers, operate based on locally configured policies. Yet these policies are not necessarily independent as they interact with each other to form global end-to-end security. Managing these security policies are complex and error prone. Intraand interpolicy conflicts or inconsistency is one of the main challenges for deploying effective security. In addition, the complexity of changing, testing, and validating security configuration in real-time environment become a major hindrance for evaluating security. Last but not least, security configurations such as policy rules are mostly defined in low level abstraction and represented in isolation of each other, which makes discovering misconfiguration in large-scale network intractable. As a result, the complexity of integrated security management not only makes
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.