Security Engine Management of Router based on Security Policy

Security management has changed from the management of security equipments and useful interface to manager. It analyzes the whole security conditions of network and preserves the network services from attacks. Secure router technology has security functions, such as intrusion detection, IPsec(IP Security) and access control, are applied to legacy router for secure networking. It controls an unauthorized router access and detects an illegal network intrusion. This paper relates to a security engine management of router based on a security policy, which is the definition of security function against a network intrusion. This paper explains the security policy and designs the structure of security engine management framework.




References:
[1] Chris Hare and Karanjit Siyan, Internet Firewalls and Network Security.
2nd ed. New Readers, 1996.
[2] Dorothy E, Denning, Information Warfare and Security, Addison-wesley,
1999.
[3] Charlie Scott, Paul Wolfe, and Mike Erwin, Virtual Private Networks.
O-Reilly, 1998.
[4] Naganand Doraswamy and Dan Harkins, IPSec: the new security
standard for the Internet, intranets, and virtual private networks,
Prentice-Hall, 1999.
[5] D. Durham, J. Boyle, R. Cohen, S. Herzog, R. Rajan, and A. Sastry, The
Common Open Policy Service Protocol, RFC 2748, 2000. Available:
http://www.ietf.org/rfc/rfc2748.txt
[6] S. Herzog, J. Boyle, R. Cohen, D. Durham, R. Rajan, and A. Sastry, COPS
Usage for RSVP, RFC 2749, 2000. Available:
http://www.ietf.org/rfc/rfc2749.txt
[7] K. Chan, J. Seligson, D. Durham, S. Gai, K. McCloghrie, S. Herzog, F.
Reichmeyer, R. Yavatkar, and A. Smith, COPS Usage for Policy
Provisioning, RFC 3084, 2001. Available:
http://www.ietf.org/rfc/rfc3084.txt
[8] Vovida.org homepage. Available: http://www.vovida.org/
[9] http://www.juniper.net/
[10] http://www.cisco.com/
[11] http://www.nortelnetworks.com/
[12] http://www.enterasys.com/
[13] JDK homepage. Available: http://java.sun.com/
[14] Jakarta homepage. Available: http://jakarta.apache.org/
[15] J. N. Kim, K. S. Lee, C. H. Lee: Design and Implementation of Integrated
Security Engine for Secure Networking. In Proc. International
Conference on Advnaced Communication Technology, Feb. 2004.