Methodology for network security design

Author

Graft, Donald ; Pabrai, Mohnish ; Pabrai, Uday

Author_Institution

Tellabs Inc., Lisle, IL, USA

fYear

1990

fDate

21-23 Mar 1990

Firstpage

675

Lastpage

682

Abstract

A methodology for the design of network security based on the ISO 7498-2 security architecture is defined. The methodology enforces a problem-centered approach by explicitly defining separate specification, design, and implementation phases. In the specification phase, design constraints are identified and the required services are determined. In the design phase, the services are placed within the security architecture, the service primitives are defined, and the underlying service mechanisms and protocols are designed. In the implementation phase, a hardware and software solution is developed, the system is tested and verified, and required accreditation and certification are obtained. The methodology is illustrated by considering an application for an imaginary company. General conclusions regarding the feasibility of defining a network security methodology are presented

Keywords

computer networks; protocols; security of data; ISO 7498-2 security architecture; design; design constraints; implementation phases; methodology; network security design; problem-centered approach; protocols; specification; Accreditation; Application software; Certification; Computer architecture; Design methodology; Hardware; ISO standards; Protocols; Software testing; System testing;

fLanguage

English

Publisher

ieee

Conference_Titel

Computers and Communications, 1990. Conference Proceedings., Ninth Annual International Phoenix Conference on

Conference_Location

Scottsdale, AZ

Print_ISBN

0-8186-2030-7

Type

conf

DOI

10.1109/PCCC.1990.101685

Filename

101685