1 Citation (Scopus)

Abstract

Security policy management is critical to meet organisational needs and reduce potential risks because almost every organisation depends on computer networks and the internet for their daily operations. It is therefore important to specify and enforce security policies effectively. However, as organisations grow, so do their networks - this increases the difficulty of deploying a security policy, especially across heterogeneous systems. In this paper, we introduce a policy framework called Chameleos-x which is designed to enforce security policies consistently across security-aware systems with network services-primarily operating systems, firewalls, and intrusion detection systems. Throughout this paper, we focus on the design and architecture of Chameleos-x and demonstrate how our policy framework helps organisations implement security policies in changing, diversity-rich environments. We also describe our ongoing work in the experimentation of Chameleos-x, where we have obtained promising results.

Original languageEnglish (US)
Pages (from-to)251-274
Number of pages24
JournalInternational Journal of Information and Computer Security
Volume5
Issue number4
DOIs
StatePublished - 2013

Fingerprint

Heterogeneous networks
Intrusion detection
Computer networks
Internet

Keywords

  • Access control
  • Assured sharing
  • Grid systems
  • Security

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software
  • Safety, Risk, Reliability and Quality
  • Hardware and Architecture

Cite this

Extensible policy framework for heterogeneous network environments. / Teo, Lawrence; Ahn, Gail-Joon.

In: International Journal of Information and Computer Security, Vol. 5, No. 4, 2013, p. 251-274.

Research output: Contribution to journalArticle

@article{91d4235c978f4aa3b48f45ae117bc5e5,
title = "Extensible policy framework for heterogeneous network environments",
abstract = "Security policy management is critical to meet organisational needs and reduce potential risks because almost every organisation depends on computer networks and the internet for their daily operations. It is therefore important to specify and enforce security policies effectively. However, as organisations grow, so do their networks - this increases the difficulty of deploying a security policy, especially across heterogeneous systems. In this paper, we introduce a policy framework called Chameleos-x which is designed to enforce security policies consistently across security-aware systems with network services-primarily operating systems, firewalls, and intrusion detection systems. Throughout this paper, we focus on the design and architecture of Chameleos-x and demonstrate how our policy framework helps organisations implement security policies in changing, diversity-rich environments. We also describe our ongoing work in the experimentation of Chameleos-x, where we have obtained promising results.",
keywords = "Access control, Assured sharing, Grid systems, Security",
author = "Lawrence Teo and Gail-Joon Ahn",
year = "2013",
doi = "10.1504/IJICS.2013.058210",
language = "English (US)",
volume = "5",
pages = "251--274",
journal = "International Journal of Information and Computer Security",
issn = "1744-1765",
publisher = "Inderscience Enterprises Ltd",
number = "4",

}

TY - JOUR

T1 - Extensible policy framework for heterogeneous network environments

AU - Teo, Lawrence

AU - Ahn, Gail-Joon

PY - 2013

Y1 - 2013

N2 - Security policy management is critical to meet organisational needs and reduce potential risks because almost every organisation depends on computer networks and the internet for their daily operations. It is therefore important to specify and enforce security policies effectively. However, as organisations grow, so do their networks - this increases the difficulty of deploying a security policy, especially across heterogeneous systems. In this paper, we introduce a policy framework called Chameleos-x which is designed to enforce security policies consistently across security-aware systems with network services-primarily operating systems, firewalls, and intrusion detection systems. Throughout this paper, we focus on the design and architecture of Chameleos-x and demonstrate how our policy framework helps organisations implement security policies in changing, diversity-rich environments. We also describe our ongoing work in the experimentation of Chameleos-x, where we have obtained promising results.

AB - Security policy management is critical to meet organisational needs and reduce potential risks because almost every organisation depends on computer networks and the internet for their daily operations. It is therefore important to specify and enforce security policies effectively. However, as organisations grow, so do their networks - this increases the difficulty of deploying a security policy, especially across heterogeneous systems. In this paper, we introduce a policy framework called Chameleos-x which is designed to enforce security policies consistently across security-aware systems with network services-primarily operating systems, firewalls, and intrusion detection systems. Throughout this paper, we focus on the design and architecture of Chameleos-x and demonstrate how our policy framework helps organisations implement security policies in changing, diversity-rich environments. We also describe our ongoing work in the experimentation of Chameleos-x, where we have obtained promising results.

KW - Access control

KW - Assured sharing

KW - Grid systems

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=84890842013&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84890842013&partnerID=8YFLogxK

U2 - 10.1504/IJICS.2013.058210

DO - 10.1504/IJICS.2013.058210

M3 - Article

VL - 5

SP - 251

EP - 274

JO - International Journal of Information and Computer Security

JF - International Journal of Information and Computer Security

SN - 1744-1765

IS - 4

ER -