Abstract
The security management of a typical enterprise network, comprises of several network zones, is usually governed by the organizational security policy. The policy defines the service accesses (permit/deny) between various network zones. The security implementation attempts to realize the policy through sets of access control lists (ACLs) in the network interfaces. This paper presents a framework for generating the correct implementation model, given the organizational security policy and underlying network topology. There are two major challenges, namely, (i) deriving the conflict-free model of the organizational security policy and (ii) extraction of the correct ACL distributions for the network. The framework formally models the organizational security policy and generates the conflict-free policy model by resolving the policy rule conflicts. Then, ACL implementation model is extracted based on the conflict-free policy model and the underlying network topology. The efficacy of the proposed framework has been demonstrated through a case study.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
