• DocumentCode
    3467603
  • Title

    Policy-based management: bridging the gap

  • Author

    Hinrichs, Susan

  • Author_Institution
    Cisco. Syst., SanToser, CA, USA
  • fYear
    1999
  • fDate
    1999
  • Firstpage
    209
  • Lastpage
    218
  • Abstract
    In a policy-based system, policy goals are described with respect to network entities (e.g. networks and users) instead of enforcement points (e.g., firewalls and routers). This global view has several advantages: usability, global rules are closer to the goals of the human administrator; scalability, the policy system ensures that the enforcement points are configured appropriately, whether there are 1 or 100 enforcement points; and security, the policy system ensures that the policy is enforced consistently. This paper describes techniques for accurately translating from global policy rules to actual per-device configurations, and it describes how these techniques were used in the implementation of Cisco Secure Policy Manager
  • Keywords
    computer network management; security of data; Cisco Secure Policy Manager; global policy rules; network entities; per-device configurations; policy goals; policy-based management; scalability; security; usability; Concrete; Cryptography; Identity-based encryption; Read only memory; Testing; Web server;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Applications Conference, 1999. (ACSAC '99) Proceedings. 15th Annual
  • Conference_Location
    Phoenix, AZ
  • ISSN
    1063-9527
  • Print_ISBN
    0-7695-0346-2
  • Type

    conf

  • DOI
    10.1109/CSAC.1999.816030
  • Filename
    816030
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3467603