论文信息 - IPsec/VPN security policy correctness and assurance

IPsec/VPN security policy correctness and assurance

With IPsec/VPN policies being widely deployed, how to correctly specify and configure them is critical in enforcing security requirements, especially among different administrative domains across the Internet. Under current practice, IPsec/VPN policies are specified individually by system administrators from different organizations without any formal coordination. This practice implies unintentional errors due to inconsistent IPsec/VPN policies. Furthermore, Internet routing dynamics may possibly interfere with IPsec/VPN policies such that unexpected conflicts occur due to a mismatch between the routing and IPsec/VPN layers. To deal with these problems, we formally define IPsec security requirements, policies, and their correctness criteria. Based on these definitions, we present an inter-domain architecture to automatically generate correct and efficient security policies. Our approach works when we are given a set of security requirements for a single end-to-end traffic flow. We can also deal with changes when new security requirements are added. Finally, we present simulation results which evaluate the performance of our solutions.

Charles U. Martel | Shyhtsun Felix Wu | Yanyan Yang | Zhi Fu

[1] Henning Schulzrinne,et al. BGRP: A Tree-Based Aggregation Protocol for Inter-domain Reservations , 1999 .

[2] Shyhtsun Felix Wu,et al. Automatic Generation of IPSec/VPN Security Policies In an Intra-Domain Environment , 2001, DSOM.

[3] Morris Sloman,et al. Policies Hierarchies for Distributed Systems Management , 1993, IEEE J. Sel. Areas Commun..

[4] Charles Lynn,et al. Security policy specification language , 1998 .

[5] Jonathan D. Moffett. Requirements and Policies , 1999 .

[6] Shyhtsun Felix Wu,et al. BANDS: An Inter-domain Internet Security Policy Management System for IPSec/VPN , 2003, Integrated Network Management.

[7] He Huang,et al. IPSec/VPN Security Policy: Correctness, Conflict Detection, and Resolution , 2001, POLICY.

[8] Henning Schulzrinne,et al. BGRP: Sink-tree-based aggregation for inter-domain reservations , 2000, Journal of Communications and Networks.

[9] Luis Sanchez,et al. Security Policy Protocol , 1999 .

[10] Charles U. Martel,et al. On building the minimum number of tunnels: an ordered-split approach to manage IPSec/VPN policies , 2004, 2004 IEEE/IFIP Network Operations and Management Symposium (IEEE Cat. No.04CH37507).

[11] Charles U. Martel,et al. CLID: A general approach to validate security policies in a dynamic network , 2007, 2007 10th IFIP/IEEE International Symposium on Integrated Network Management.