TY - GEN
T1 - Managing heterogeneous network environments using an extensible policy framework
AU - Teo, Lawrence
AU - Ahn, Gail Joon
PY - 2007
Y1 - 2007
N2 - Security policy management is critical to meet organizational needs and reduce potential risks because almost every organization depends on computer networks and the Internet for their daily operations. It is therefore important to specify and enforce security policies effectively. However, as organizations grow, so do their networks increasing the difficulty of deploying a security policy, especially across heterogeneous systems. In this paper, we introduce a policy framework called Chameleos-x which is designed to enforce security policies consistently across security-aware systems with network services-primarily operating systems, firewalls, and intrusion detection systems. Throughout this paper, we focus on the design and architecture of Chameleos-x and demonstrate how our policy framework helps organizations implement security policies in changing, diversity-rich environments. We also describe our experimentation of Chameleos-x to demonstrate the feasibility of the proposed approach.
AB - Security policy management is critical to meet organizational needs and reduce potential risks because almost every organization depends on computer networks and the Internet for their daily operations. It is therefore important to specify and enforce security policies effectively. However, as organizations grow, so do their networks increasing the difficulty of deploying a security policy, especially across heterogeneous systems. In this paper, we introduce a policy framework called Chameleos-x which is designed to enforce security policies consistently across security-aware systems with network services-primarily operating systems, firewalls, and intrusion detection systems. Throughout this paper, we focus on the design and architecture of Chameleos-x and demonstrate how our policy framework helps organizations implement security policies in changing, diversity-rich environments. We also describe our experimentation of Chameleos-x to demonstrate the feasibility of the proposed approach.
UR - http://www.scopus.com/inward/record.url?scp=34748829785&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=34748829785&partnerID=8YFLogxK
U2 - 10.1145/1229285.1229328
DO - 10.1145/1229285.1229328
M3 - Conference contribution
SN - 1595935746
SN - 9781595935748
T3 - Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, ASIACCS '07
SP - 362
EP - 364
BT - Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, ASIACCS '07
T2 - 2nd ACM Symposium on Information, Computer and Communications Security, ASIACCS '07
Y2 - 20 March 2007 through 22 March 2007
ER -