loading
Documents

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Dinesha Ranathunga 1 ; Matthew Roughan 1 ; Phil Kernick 2 ; Nick Falkner 1 ; Hung Nguyen 1 ; Marian Mihailescu 1 and Michelle McClintock 1

Affiliations: 1 University of Adelaide, Australia ; 2 CQR Consulting, Australia

ISBN: 978-989-758-196-0

Keyword(s): Security policy, Zone-Conduit model, SCADA security, Security management.

Related Ontology Subjects/Areas/Topics: Data and Application Security and Privacy ; Information and Systems Security ; Network Security ; Security Management ; Security Verification and Validation ; Wireless Network Security

Abstract: A common goal in network-management is security. Reliable security requires confidence in the level of protection provided. But, many obstacles hinder reliable security management; most prominent is the lack of built-in verifiability in existing management paradigms. This shortfall makes it difficult to provide assurance that the expected security outcome is consistent pre- and post-deployment. Our research tackles the problem from first principles: we identify the verifiability requirements of robust security management, evaluate the limitations of existing paradigms and propose a new paradigm with verifi- ability built in: Formally-Verifiable Policy-Defined Networking (FV-PDN). In particular, we pay attention to firewalls which protect network data and resources from unauthorised access. We show how FV-PDN can be used to configure firewalls reliably in mission critical networks to protect them from cyber attacks.

PDF ImageFull Text

Download
Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 54.227.157.163

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Ranathunga, D.; Roughan, M.; Kernick, P.; Falkner, N.; Nguyen, H.; Mihailescu, M. and McClintock, M. (2016). Verifiable Policy-defined Networking for Security Management.In Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016) ISBN 978-989-758-196-0, pages 344-351. DOI: 10.5220/0005990303440351

@conference{secrypt16,
author={Dinesha Ranathunga. and Matthew Roughan. and Phil Kernick. and Nick Falkner. and Hung Nguyen. and Marian Mihailescu. and Michelle McClintock.},
title={Verifiable Policy-defined Networking for Security Management},
booktitle={Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)},
year={2016},
pages={344-351},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005990303440351},
isbn={978-989-758-196-0},
}

TY - CONF

JO - Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)
TI - Verifiable Policy-defined Networking for Security Management
SN - 978-989-758-196-0
AU - Ranathunga, D.
AU - Roughan, M.
AU - Kernick, P.
AU - Falkner, N.
AU - Nguyen, H.
AU - Mihailescu, M.
AU - McClintock, M.
PY - 2016
SP - 344
EP - 351
DO - 10.5220/0005990303440351

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.