| Title | A Framework for Managing User-defined Security Policies to Support Network Security Functions |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Kim, Eunsoo, Kim, Kuyju, Lee, Seungjin, Jeong, Jaehoon Paul, Kim, Hyoungshick |
| Conference Name | Proceedings of the 12th International Conference on Ubiquitous Information Management and Communication |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-6385-3 |
| Keywords | NSF, policy-based governance, pubcrawl, security management, security policies, security policy |
| Abstract | Network Functions Virtualization (NFV) and Software Defined Networking (SDN) make it easier for security administrators to manage security policies on a network system. However, it is still challenging to map high-level security policies defined by users into low-level security policies that can be applied to network security devices. To address this problem, we introduce a framework for effectively managing user-defined security policies for network security functions based on standard interfaces that are currently being standardized in an IETF working group. To show the feasibility of the proposed framework, we implemented a prototype based on the RESTCONF protocol and showed that the proposed framework can be applied in real-world scenarios for network separation, DDoS mitigation and ransomeware prevention. |
| URL | http://doi.acm.org/10.1145/3164541.3164569 |
| DOI | 10.1145/3164541.3164569 |
| Citation Key | kim_framework_2018 |
A Framework for Managing User-defined Security Policies to Support Network Security Functions