Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2002.9C.4.467

The Policy Distribution Algorithm of Firewall in Integrated Security Management  

Kim, Gwang-Hyeok (Dept.of Information Communication Engineering, Graduate School of Sungkyunkwan University)
Gwon, Yun-Ju (Korea Institute of Science and technology Information)
Kim, Dong-Su (Dept.of Information Communication Engineering, Graduate School of Sungkyunkwan University)
Jeong, Tae-Myeong (Dept.of Information Communication Engineering, Sungkyunkwan University)
Publication Information
The KIPS Transactions:PartC / v.9C, no.4, 2002 , pp. 467-472 More about this Journal
Abstract
Recently, Networks are required to adopt the security system and security consulting because of security threats and vulnerabilities of systems. Enterprise Security Management (ESM) is a system which establishes the security zone composed of security systems and Firewalls and applies the security policy to each security system. A relevant ESM is based on the effective policy and the proper security system. Particularly, multiple firewalls in ESM are concerned with the security policy about each traffic. In this paper, we describe the problems that can be occurred when we select the firewalls to apply security policy of access control in ESM composed of multiple firewalls and propose the FALCON algorithm, which is able to select the firewalis to apply the policy. We expect that FALCON algorithm offers stability, scalability and compactness for selecting firewall set.
Keywords
ESM; ISMS; Firewall; FALCON;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Simson Garfinkel, Gene Spafford, 'Practical UNIX and Internet Security,' O'Reilly&Associates, pp.637-668, 1996
2 D. Brent Chapman, E. D. Zwicky, 'Building Internet Firewalls,' O'Reilly&Associates, 1995
3 William R. Cheswick, Steven M. Bellovin, 'Firewalls and Internet Security-repelling the willy hacker,' Addison-Wesley, 1994
4 이동영, 김동수, 홍승선, 정태명, '웹 기반의 방화벽 통합 보안 관리 시스템 개발', 정보처리학회논문지, 제7권 제10호, pp. 3171-3181, 2000   과학기술학회마을
5 정연서, 류걸우, 장종수, '네트워크 보안을 위한 ESM 기술 동향', 주간기술동향, 제1026호, pp.24-35, 2001
6 Harold F. Tipton, Micki Krause, 'Information Security Management Handbook,' Auerbach publications, pp.73-131, 2000
7 'Technology Update Active Security,' Ernst&Young, LLP, 1999
8 Charlie Kaufman, Radia Perlman, Mike Speciner, 'Network Security-PRIVATE Communication in a PUBLIC World,' Prentice Hall PTR, pp.6-35, 1995
9 W. Richard Stevens, 'TCP/IP Illustrated, Volumel The Protocols,' Addison-Wesley, 1994
10 http://www.cert.org/stats/cert_stats.html
11 'NIMDA Worm/Virus Report Final,' SANS Institute, 2001
12 H. Chun Lin, S. Chuan Lai, P. Wen Chen, 'An Algorithm for Automatic Topology Discovery of IP Network,' ICC 98, Vol.2, pp.1192-1196, 1998   DOI
13 Matt Curtin, Marcus J. Ranum, 'Internet Firewall : Frequently Asked Questions,' http://www.interhack.net/pubs/fwfaq/, 1999
14 'Internet Firewalls and Security,' 3Com Corporation, 1996