Research on Key Technologies of Network Security Management Policy

For purpose of managing network security policy duly and flexibly in the complex network environment, and resolving its issue efficiency, this paper proposes network security policy self-adaptive management and distribution model. An incident triggered, policy-driven and self-adaptive management mechanism is established, and the impact of safety equipment or user requests, such as system resources found on the flow control can be calculated automatically. The distribution model is given to response policy request rapidly, take the appropriate policy dissemination methods, and reduce PDP computing tasks, system resource consumption, as well as between the PDP and PEP data transmission volume, which introduces the concepts of issue affecting factors, security domain addresses allocation, etc. The effectiveness of the proposed model and algorithms is proved by experiments.

[1]  Ka Lun Eddie Law,et al.  Scalable design of a policy-based management system and its performance , 2003, IEEE Commun. Mag..

[2]  Jorge Lobo,et al.  Policy-based management of networked computing systems , 2005, IEEE Communications Magazine.

[3]  Suh-Yin Lee,et al.  Incremental update on sequential patterns in large databases by implicit merging and efficient counting , 2004, Inf. Syst..

[4]  R. Alhajj,et al.  Performance analysis of incremental update of association rules mining approaches , 2005, 2005 IEEE International Conference on Intelligent Engineering Systems, 2005. INES '05..

[5]  Azzedine Boukerche,et al.  An enhancement towards dynamic grid-based DDM protocol for distributed simulation using multiple levels of data filtering , 2006, Parallel Comput..

[6]  Alex Galis,et al.  A policy-based management architecture for active and programmable networks , 2003, IEEE Netw..

[7]  Zhong Lian-jiong New Algorithm of Data Distribution Management for Distributed Interactive Simulation , 2005 .

[8]  Chenghua Tang,et al.  A Network Security Policy Model and Its Realization Mechanism , 2006, Inscrypt.

[9]  Li Zhou-Jun,et al.  Efficiently Mining of Maximal Frequent Item Sets Based on FP-Tree , 2005 .

[10]  Zhu Yu Incremental Updating Algorithm Based on Frequent Pattern Tree for Mining Association Rules , 2003 .

[11]  Andrea Westerinen,et al.  Terminology for Policy-Based Management , 2001, RFC.

[12]  Suh-Yin Lee,et al.  Incremental update on sequential patterns in large databases , 1998, Proceedings Tenth IEEE International Conference on Tools with Artificial Intelligence (Cat. No.98CH36294).

[13]  Yajun Zhang,et al.  A new algorithm of data distribution management for distributed interactive simulation , 2004, Fifth World Congress on Intelligent Control and Automation (IEEE Cat. No.04EX788).