|
| << vorige | volgende >> |
Tijdschrift beschrijving
Alle jaargangen van het bijbehorende tijdschrift
Alle afleveringen van het bijbehorende jaargang
Alle artikelen van de bijbehorende aflevering
Details van artikel 3 van 20 gevonden artikelen
| Titel: |
A Formal Verification Framework for Security Policy Management in Mobile IP Based WLAN |
| Auteur: |
Soumya Maity P Bera S K Ghosh Pallab Dasgupta |
| Verschenen in: |
International journal of network security & its applications |
| Paginering: | Jaargang 2 (2010) nr. 4 pagina's 194-211 |
| Jaar: |
2010 |
| Inhoud: |
The continuous advancement of wireless technologies especially for enterprise Wireless local areanetworks (LANs), demands well defined security mechanisms with appropriate architectural support toovercome various security loopholes. Implementing security policies on the basis of Role based AccessControl (RBAC) models is an emerging field of research in WLAN security. However, verifying thecorrectness of the implemented policies over the distributed network devices with changes in topology,remains unexplored in the aforesaid domain. The enforcement of organizational security policies inWLANs require protection over the network resources from unauthorized access. Hence, it is required toensure correct distribution of access control rules to the network access points conforming to the securitypolicy. In WLAN security policy management, the standard IP based access control mechanisms are notsufficient to meet the organizational requirements due to its dynamic topology characteristics. In anenterprise network environments, the role-based access control (RBAC) mechanisms can be deployed tostrengthen the security perimeter over the network resources. Further, there is a need to model the timeand location dependent access constraints. In this paper, we propose a WLAN security management systemsupported by a formal spatio-temporal RBAC (STRBAC) model and a Boolean satisfiability (SAT) basedverification framework. The concept of mobile IP has been used to ensure fixed layer 3 address mappingfor the mobile hosts in a dynamic scenario. The system stems from logical partitioning of the WLANtopology into various security policy zones. It includes a Global Policy Server (GPS) that formalises theorganisational access policies and determines the high level policy configurations for different policyzones; a Central Authentication & Role Server (CARS) which authenticates the users (or nodes) and theaccess points (AP) in various zones and also assigns appropriate roles to the users. Every host has toregister their unique MAC address to a Central Authentication and Role Server(CARS). Each policy zoneconsists of an Wireless Policy Zone Controller (WPZCon) that coordinates with a dedicated Local RoleServer (LRS) to extract the low level access configurations corresponding to the zone access router. Wealso propose a formal spatio-temporal RBAC (STRBAC) model to represent the global security policiesformally and a SAT based verification framework to verify the access configurations |
| Uitgever: |
Academy & Industry Research Collaboration Center (AIRCC) (provided by DOAJ) |
| Bronbestand: |
Elektronische Wetenschappelijke Tijdschriften |
Details van artikel 3 van 20 gevonden artikelen
| << vorige | volgende >> |