Design and Implementation of Internet Protocol Security Filtering Rules in a Network Environment

Bibliographic details
Published in: International journal of computer science and information security 2011-07, Vol.9 (7), p.134-134
Main authors: Alese, B K, Gabriel, A J, Adetunmbi, A O
Format: Article
Language: eng
Online access: Full text
Description
Summary: Internet Protocol Security (IPSec) devices are essential elements in network security which provide traffic filtering, integrity, confidentiality and authentication based on configured security policies. The complexities involved in the handling of these policies can result in policy conflicts that may cause serious security breaches and network vulnerabilities. This paper therefore presents a mathematical model developed for IPSec filtering rules and policies using Boolean expressions. A comprehensive classification of security policy conflicts that might potentially exist in a single IPSec device (intra-policy conflicts) or between different network devices (inter-policy conflicts) in enterprise networks is also presented. All these are implemented in user-friendly interfaces that significantly simplify the management and/or proper configuration of IPSec policies written as filtering rules, while minimizing network vulnerability due to security policy misconfigurations.
ISSN:1947-5500