The Zodiac Policy Subsystem: A Policy-Based Management System for a High-Security MANET

Author

Cheng, Yuu-Heng ; Raykova, Mariana ; Poylisher, Alex ; Alexander, Scott ; Eiger, Martin ; Bellovin, Steven M.

Author_Institution

Telcordia Technol., Piscataway, NJ, USA

fYear

2009

fDate

20-22 July 2009

Firstpage

174

Lastpage

177

Abstract

Zodiac (zero outage dynamic intrinsically assurable communities) is an implementation of a high-security MANET, resistant to multiple types of attacks, including Byzantine faults. The Zodiac architecture poses a set of unique system security, performance, and usability requirements to its policy-based management system (PBMS). In this paper, we identify theses requirements, and present the design and implementation of the Zodiac policy subsystem (ZPS), which allows administrators to securely specify, distribute and evaluate network control and system security policies to customize Zodiac behaviors. ZPS uses the Keynote language for specifying all authorization policies with simple extension to support obligation policies.

Keywords

ad hoc networks; authorisation; mobile radio; telecommunication network management; telecommunication security; Byzantine faults; Keynote language; authorization policies; high-security MANET; network control; policy-based management system; system security policies; usability requirements; zero outage dynamic intrinsically assurable communities policy subsystem; Authentication; Authorization; Computer network management; Containers; Control systems; Cryptography; Information security; Mobile ad hoc networks; Protection; Usability; MANET; computer network security; policy-based management;

fLanguage

English

Publisher

ieee

Conference_Titel

Policies for Distributed Systems and Networks, 2009. POLICY 2009. IEEE International Symposium on

Conference_Location

London

Print_ISBN

978-0-7695-3742-9

Electronic_ISBN

978-0-7695-3742-9

Type

conf

DOI

10.1109/POLICY.2009.7

Filename

5197404