Enforcing security in semantics driven policy based networks

Security is emerging as an important requirement for a number of distributed applications such as online banking, social networking etc. due to the private nature of the data being involved. Further more, the wide spread use of portable devices such as laptops, PDAs etc. allows users to make meaningful ad hoc collaborations. Traditional security solutions are not feasible for these scenarios due to the varying nature of the collaborations in terms of entities involved and their roles, available resources etc. Under these circumstances, we need generic solutions that take into account the semantics of the collaborations in determining the set of allowable operations. In this paper, we propose an extensible framework that uses semantics driven policies for enforcing security. Our policies are rooted in semantic web languages which makes amenable to interoperability, and also enables high level reasoning for conflict resolution and policy adaptation. We describe our policy based network that uses packet content semantics to best handle different streams, and show how our framework can be used to secure enterprise networks and the BGP routing process.