Evolution of enterprise security federation

Gaeil An, Joon S. Park

Research output: Chapter in Book/Entry/PoemChapter

Abstract

In this chapter, we discuss the evolution of the enterprise security federation, including why the framework should be evolved and how it has been developed and applied to real systems. Furthermore, we analyze the remaining vulnerabilities and weaknesses in current approaches and propose new approaches to resolve those problems. Then, to overcome those weaknesses and vulnerabilities, we propose the PSM (Policy-based Security Management) architecture for an integrated security framework, and the PM (Packet-Marking) architecture for a cooperative security framework. The PSM architecture is able to efficiently realize the security purposes of an organization by controlling, operating, and managing various kinds of security systems consistently based on security policies. The PM architecture is able to effectively deal with suspicious network traffic without requiring new protocol, while reducing the false-positive problem and perfectly protecting QoS for innocent traffic from attacks. We simulated the PSM and PM architectures to evaluate their performance. The simulation result shows that the PSM architecture can automatically detect and respond against network attacks, and the PM architecture can effectively handle suspicious traffic, such as DDoS traffics.

Original languageEnglish (US)
Title of host publicationHandbook of Research on Information Security and Assurance
PublisherIGI Global
Pages29-41
Number of pages13
ISBN (Print)9781599048550
DOIs
StatePublished - 2008

ASJC Scopus subject areas

  • General Computer Science

Fingerprint

Dive into the research topics of 'Evolution of enterprise security federation'. Together they form a unique fingerprint.

Cite this