Network Access Control Configuration Management using Semantic Web Techniques

William M. Fitzgerald, S. N. Foley, M. Ó Foghlu

    Research output: Contribution to journalArticlepeer-review

    7 Citations (Scopus)

    Abstract

    Network Access Control requirements are typically implemented in practice as a series of heterogeneous security-mechanism-centric policies that span system services and application domains. For example, a Network Access Control policy night be configured in terms of firewall, proxy, intrusion prevention and user access policies. While defined separately, these security policies may interoperate in the sense that the access requirements of one may conflict and/or be redundant with respect to the access requirements of another. Thus, managing a large number of distinct policies becomes a major challenge in terms of deploying and maintaining a meaningful and consistent configuration. It is argued that employing techniques of the Semantic Web-an architecture that supports the formal representation, reasoning and sharing of heterogeneous domain knowledge-provides a natural approach to solving this challenge. A risk-based approach to configuring interoperable Network Access Control policies is described. Each Network Access Control mechanism has an ontology that is used to represent its configuration. This knowledge is unified with higher-level business (risk) rides, providing a single (extensible) ontology that supports reasoning across the different Network, Access Control policy configurations.
    Original languageEnglish
    Pages (from-to)99-117
    JournalJournal of Research and Practice in Information Technology
    Volume41
    Issue number2
    Publication statusPublished - 2009

    Keywords

    • Security Configuration Network Access Control Ontology Risk Semantic Web

    Fingerprint

    Dive into the research topics of 'Network Access Control Configuration Management using Semantic Web Techniques'. Together they form a unique fingerprint.

    Cite this