Title :
Design of network security policy information model for policy-based network management
Author :
Soh, Seon-Gyoung ; Kim, Jinoh ; Na, Jung-Chan
Author_Institution :
Active Security Technol. Res. Team, ETRI
Abstract :
An extensive network and a large variety of users may cause network security problems. So, the research of a network security has being progressed. In this paper, we present network security policy information model (NSPIM) to apply in policy-based network management systems. We define the NSPIM by expending the PCIM/PCIMe from IETF, for guaranteeing the compatibility and the extensibility of representing, managing, sharing, and reusing policies. And the NSPIM adopts DMTF´s CIM to represent a relationship between policies and policy enforcement systems. In addition, a flexible policy representation is possible because the NSPIM can offer both a domain-level packet filtering mechanism and a device-level packet filtering mechanism
Keywords :
telecommunication network management; telecommunication security; network security policy information model; packet filtering mechanism; policy representation; policy-based network management; Access protocols; Computer integrated manufacturing; Diffserv networks; Filtering; Information security; Intelligent networks; Intrusion detection; Network servers; Resource management; Specification languages;
Conference_Titel :
Advanced Communication Technology, 2005, ICACT 2005. The 7th International Conference on
Conference_Location :
Phoenix Park
DOI :
10.1109/ICACT.2005.245965
