XML based adaptive IPsec policy management in a trust management context
Irvine, Cynthia E.
Levin, Timothy E.
MetadataShow full item record
TCP/IP provided the impetus for the growth of the Internet and the IPsec protocol now promises to add to it the desired security strength. IPsec provides users with a mechanism to enforce a range of security services for both confidentiality and integrity, enabling them to securely pass information across networks. Dynamic parameterization of IPsec further enables security mechanisms to adjust the level of security service "on-the-fly" to respond to changing network and operational conditions. The IPsec implementation in OpenBSD works in conjunction with the Trust Management System, KeyNote, to achieve this. However the KeyNote engine requires that an IPsec policy be defined in the KeyNote specification syntax. Defining a security policy in the KeyNote Specification language is, however, extremely difficult and the complexity of the language could lead to incorrect specification of the desired policy, thus degrading the security of the network. This thesis looks into an alternative XML representation of this language and a graphical user interface to evolve a consistent and correct security policy. The interface has the simplicity of a simple menu-driven editor that not only provides KeyNote with a policy in the specified syntax but also integrates techniques for correctness verification and validation.
Approved for public release, distribution is unlimited
Showing items related by title, author, creator and subject.
Naval Postgraduate School Center for Homeland Defense and Security (CHDS) (Monterey, California. Naval Postgraduate SchoolCenter for Homeland Defense and Security, 2006-07);July 2006. The July 2006 issue of Homeland Security Affairs offers articles about risk perception, domestic right wing extremist groups, social network analysis, and the impact of foreign policy on homeland security. It ...
Naval Postgraduate School Center for Homeland Defense and Security (CHDS) (Monterey, California. Naval Postgraduate SchoolCenter for Homeland Defense and Security, 2009-01);January 2009. In this issue of Homeland Security Affairs we offer one essay that outlines some of the important homeland security issues of 2008 and a set of essays that describes a potentially significant change in the ...
Naval Postgraduate School Center for Homeland Defense and Security (CHDS) (Monterey, California. Naval Postgraduate SchoolCenter for Homeland Defense and Security, 2006-10);October 2006. Welcome to Volume 2, Issue Three of Homeland Security Affairs. This issue is dedicated to the memory of Lacy Suiter. I believe Lacy would be embarrassed by the idea of dedicating an issue of anything to him. ...