Label-based Security Management Mechanism for Universal Identifier Network

Abstract

The current Internet is an open global interconnected system and lacks of the systematic securitydesign. Most security issues of current Internet are due to the drawbacks of the original design oftraditional Internet. Besides, some optional security mechanisms are independent without enough cooperativemechanism. Therefore, it facilitates the network attacks and brings various security threatsto network services. In this paper we design a security management mechanism and several relevantevaluation methods under Universal Identifier Network (UIN) architecture, aiming to provide a finergranularity, adaptive network security management system, which consists of the following features:(1) supporting multi-dimensional properties description by introducing the detailed user and serviceclassification; (2) supporting the label-based policy-driven management mechanism in perspective ofuser and service to provide the fine granularity access control; (3) providing the multi-dimensionalevaluation metrics. The proposed label-based security management and evaluation methods will providegreat benefits for the future network security.