Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2004.11C.2.171

Security Policy Negotiation Model Design for Secure Network Management  

Park, Jin-Ho (대덕대학 컴퓨터인터넷정보계열)
Chung, Jin-Wook (성균관대학교 전기전자 및 정보통신공학부)
Publication Information
The KIPS Transactions:PartC / v.11C, no.2, 2004 , pp. 171-176 More about this Journal
Abstract
This paper presents the design of a certain highly efficient security policy negotiation of SPS(Security Policy System) for secure network management using mobile agent system. The conventional IP security systems for secure network management have some problems. A drawback to these systems is that the required policy between each security area is different. Another problem is not possible to guarantee whether a packet is transmitted through the same path by both directions and is protected by the same policy due to the topology of the network. Unlike conventional systems, the model developed herein can be resolved by using a mobile agent technology. If each domain needs a negotiation of security policy, a mobile agent manages the result of the negotiation in the form of a passport and guarantees the authentication and reliability each other by using the passport.
Keywords
Network Management; Policy Negotiation; IP Security; Mobile Agent;
Citations & Related Records
연도 인용수 순위
  • Reference
1 L. A. Sanchez and M. N. Condell, 'Security Policy system,' Internet Draft, draft-ietf-ipsec-sps-00.txt, 1998
2 C. G. Harrision, D.M. Chess and A. Kershenbaum, 'Mobile Agent : Are they a good idea?,' IBM Research Division, March, 1995
3 M. Woodldrighe and N. R. Jennings, 'Intelligent Agent : Theory and practice,' The Knowledge Engineering Review, 10(2), pp.115-152, 1995   DOI
4 Mark Baugher, Ran Canetti, Lakshminath, 'Group Key Mangement Architecture,' Internet Draft, draft-ietf-msec-gkmarch-00.txt, 2001
5 David Chess and Benjamin Grosof, 'Itinerant Agents for Mobile Computing,' Available from authors, May, 1995
6 G. Karjoth, N. Asokan and C. Gulcu, 'Proteching the Computation Results of Free-Roaming Agents,' Proceedings of the Second International Workshop, MA '98, pp.195-207, 1998
7 M. S. Greenberg, J. C. Byington, T. Holding, and D. G. Harper., 'Mobile Agents and Security,' IEEE Communications Magazine, 36(7), pp.76-85, July, 1998   DOI   ScienceOn
8 C. Collberg, C. Thomborson and D. Low, 'A Taxionomy of Obfuscation Transformations,'Technical Report 148, Department of computer Science, University of Auckland, 1997
9 H. Reiser G. Vogt, 'Security Requirements for Management Systems using Mobile Agents,' Proceedings of the Fifth IEEE Symposiumon Computers and Communications : ISCC 2000, Antibes, France, pp.3-6, July, 2000   DOI
10 G. Vigna, 'Cryptographic Trace for Mobile Agents,' Mobile Agents and Security, Spring-Verlag, Lecture Notes in computer Science 1419, pp.137-153, 1998
11 L. A. Sanchez and M. N. Condell, 'Security Policy Protocol,' Internet Draft, draft-ietf-ipsec-spp-00, 1999
12 e-Lock VPN 2.1 Policy Management, http://www.e-lock.com/Products/VPN/POLICYMANAGE.HTM
13 NIST Cerberus, An IPSec Reference Implementation for Linux, http://snad.ncsl.nist.gov/cerberus/