Evolution of enterprise security federation

Gaeil An, Joon S Park

Research output: Chapter in Book/Report/Conference proceedingChapter

Abstract

In this chapter, we discuss the evolution of the enterprise security federation, including why the framework should be evolved and how it has been developed and applied to real systems. Furthermore, we analyze the remaining vulnerabilities and weaknesses in current approaches and propose new approaches to resolve those problems. Then, to overcome those weaknesses and vulnerabilities, we propose the PSM (Policy-based Security Management) architecture for an integrated security framework, and the PM (Packet-Marking) architecture for a cooperative security framework. The PSM architecture is able to efficiently realize the security purposes of an organization by controlling, operating, and managing various kinds of security systems consistently based on security policies. The PM architecture is able to effectively deal with suspicious network traffic without requiring new protocol, while reducing the false-positive problem and perfectly protecting QoS for innocent traffic from attacks. We simulated the PSM and PM architectures to evaluate their performance. The simulation result shows that the PSM architecture can automatically detect and respond against network attacks, and the PM architecture can effectively handle suspicious traffic, such as DDoS traffics.

Original languageEnglish (US)
Title of host publicationHandbook of Research on Information Security and Assurance
PublisherIGI Global
Pages29-41
Number of pages13
ISBN (Print)9781599048550
DOIs
StatePublished - 2008

Fingerprint

Industry
Security systems
Telecommunication traffic
Quality of service

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

An, G., & Park, J. S. (2008). Evolution of enterprise security federation. In Handbook of Research on Information Security and Assurance (pp. 29-41). IGI Global. https://doi.org/10.4018/978-1-59904-855-0.ch004

Evolution of enterprise security federation. / An, Gaeil; Park, Joon S.

Handbook of Research on Information Security and Assurance. IGI Global, 2008. p. 29-41.

Research output: Chapter in Book/Report/Conference proceedingChapter

An, G & Park, JS 2008, Evolution of enterprise security federation. in Handbook of Research on Information Security and Assurance. IGI Global, pp. 29-41. https://doi.org/10.4018/978-1-59904-855-0.ch004
An G, Park JS. Evolution of enterprise security federation. In Handbook of Research on Information Security and Assurance. IGI Global. 2008. p. 29-41 https://doi.org/10.4018/978-1-59904-855-0.ch004
An, Gaeil ; Park, Joon S. / Evolution of enterprise security federation. Handbook of Research on Information Security and Assurance. IGI Global, 2008. pp. 29-41
@inbook{62c9854613264e59a70caa621361bb80,
title = "Evolution of enterprise security federation",
abstract = "In this chapter, we discuss the evolution of the enterprise security federation, including why the framework should be evolved and how it has been developed and applied to real systems. Furthermore, we analyze the remaining vulnerabilities and weaknesses in current approaches and propose new approaches to resolve those problems. Then, to overcome those weaknesses and vulnerabilities, we propose the PSM (Policy-based Security Management) architecture for an integrated security framework, and the PM (Packet-Marking) architecture for a cooperative security framework. The PSM architecture is able to efficiently realize the security purposes of an organization by controlling, operating, and managing various kinds of security systems consistently based on security policies. The PM architecture is able to effectively deal with suspicious network traffic without requiring new protocol, while reducing the false-positive problem and perfectly protecting QoS for innocent traffic from attacks. We simulated the PSM and PM architectures to evaluate their performance. The simulation result shows that the PSM architecture can automatically detect and respond against network attacks, and the PM architecture can effectively handle suspicious traffic, such as DDoS traffics.",
author = "Gaeil An and Park, {Joon S}",
year = "2008",
doi = "10.4018/978-1-59904-855-0.ch004",
language = "English (US)",
isbn = "9781599048550",
pages = "29--41",
booktitle = "Handbook of Research on Information Security and Assurance",
publisher = "IGI Global",

}

TY - CHAP

T1 - Evolution of enterprise security federation

AU - An, Gaeil

AU - Park, Joon S

PY - 2008

Y1 - 2008

N2 - In this chapter, we discuss the evolution of the enterprise security federation, including why the framework should be evolved and how it has been developed and applied to real systems. Furthermore, we analyze the remaining vulnerabilities and weaknesses in current approaches and propose new approaches to resolve those problems. Then, to overcome those weaknesses and vulnerabilities, we propose the PSM (Policy-based Security Management) architecture for an integrated security framework, and the PM (Packet-Marking) architecture for a cooperative security framework. The PSM architecture is able to efficiently realize the security purposes of an organization by controlling, operating, and managing various kinds of security systems consistently based on security policies. The PM architecture is able to effectively deal with suspicious network traffic without requiring new protocol, while reducing the false-positive problem and perfectly protecting QoS for innocent traffic from attacks. We simulated the PSM and PM architectures to evaluate their performance. The simulation result shows that the PSM architecture can automatically detect and respond against network attacks, and the PM architecture can effectively handle suspicious traffic, such as DDoS traffics.

AB - In this chapter, we discuss the evolution of the enterprise security federation, including why the framework should be evolved and how it has been developed and applied to real systems. Furthermore, we analyze the remaining vulnerabilities and weaknesses in current approaches and propose new approaches to resolve those problems. Then, to overcome those weaknesses and vulnerabilities, we propose the PSM (Policy-based Security Management) architecture for an integrated security framework, and the PM (Packet-Marking) architecture for a cooperative security framework. The PSM architecture is able to efficiently realize the security purposes of an organization by controlling, operating, and managing various kinds of security systems consistently based on security policies. The PM architecture is able to effectively deal with suspicious network traffic without requiring new protocol, while reducing the false-positive problem and perfectly protecting QoS for innocent traffic from attacks. We simulated the PSM and PM architectures to evaluate their performance. The simulation result shows that the PSM architecture can automatically detect and respond against network attacks, and the PM architecture can effectively handle suspicious traffic, such as DDoS traffics.

UR - http://www.scopus.com/inward/record.url?scp=84898344817&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84898344817&partnerID=8YFLogxK

U2 - 10.4018/978-1-59904-855-0.ch004

DO - 10.4018/978-1-59904-855-0.ch004

M3 - Chapter

SN - 9781599048550

SP - 29

EP - 41

BT - Handbook of Research on Information Security and Assurance

PB - IGI Global

ER -