Security policies are a key component in protecting enterprise networks. There are many defensive options available to these policies, but current mechanically-enforced security policies are limited to traditional admission-based access control. There are defensive capabilities available that include logging, firewalls, honeypots, rollback/recovery, and intrusion detection systems, but policy enforcement is essentially limited to allow/deny semantics. Furthermore, access-control mechanisms operate independently on each service, which often leads to inconsistent or incorrect application of the intended system-wide policy. To begin to solve these problems, we propose a new system for defense-in-depth using global security policies. Under a gl...
Abstract. We present a unified theory for verifying network security policies. A security policy is ...
Enterprise systems need reliable, flexible and secure means for making public and confidential infor...
In a typical enterprise network, correct implementation of security policies is becoming increasingl...
The design principle of maximizing local autonomy except when it conflicts with global robustness ha...
Enterprise networks are ubiquitious and increasingly complex. The mechanisms for defining security p...
Network security should be based around security policies. From high-level natural language, non-tec...
Evaluating and enforcing policies in large-scale networks is one of the most challenging and signifi...
Networked systems are ubiquitous in our modern society. They are found in settings that vary from mu...
In a typical enterprise network, there are several sub-networks or network zones corresponding to di...
The design principle of restricting local autonomy only where necessary for global robustness has le...
Network security is typically reactive: Networks provide connectivity and subsequently alter this c...
The design principle of restricting local autonomy only where necessary for global robustness has le...
Security policy management is critical to meet organiza-tional needs and reduce potential risks beca...
Network and host-based access controls, for example, firewall systems, are important points of secur...
International audienceNetwork security constitutes a critical concern when developing and maintainin...
Abstract. We present a unified theory for verifying network security policies. A security policy is ...
Enterprise systems need reliable, flexible and secure means for making public and confidential infor...
In a typical enterprise network, correct implementation of security policies is becoming increasingl...
The design principle of maximizing local autonomy except when it conflicts with global robustness ha...
Enterprise networks are ubiquitious and increasingly complex. The mechanisms for defining security p...
Network security should be based around security policies. From high-level natural language, non-tec...
Evaluating and enforcing policies in large-scale networks is one of the most challenging and signifi...
Networked systems are ubiquitous in our modern society. They are found in settings that vary from mu...
In a typical enterprise network, there are several sub-networks or network zones corresponding to di...
The design principle of restricting local autonomy only where necessary for global robustness has le...
Network security is typically reactive: Networks provide connectivity and subsequently alter this c...
The design principle of restricting local autonomy only where necessary for global robustness has le...
Security policy management is critical to meet organiza-tional needs and reduce potential risks beca...
Network and host-based access controls, for example, firewall systems, are important points of secur...
International audienceNetwork security constitutes a critical concern when developing and maintainin...
Abstract. We present a unified theory for verifying network security policies. A security policy is ...
Enterprise systems need reliable, flexible and secure means for making public and confidential infor...
In a typical enterprise network, correct implementation of security policies is becoming increasingl...