
Automatic enforcement of location aware user based network access control policies

Date

2008

Publisher

World Scientific and Engineering Acad and Soc

Organizational Units

Organizational Unit
Bilgisayar Mühendisliği Bölümü
Founded in 1992, our department has been dedicated to expanding and sharing knowledge, producing a line of highly skilled engineers, and inspiring innovation. The Department of Computer Engineering was founded in 1992 together with the Izmir Institute of Technology and started to admit students for the Master of Science Program. In 1999, the Department moved to the new campus in Gülbahçe-Urla and the undergraduate program commenced in the same year. The Computer Engineering Doctorate Program started in 2014. Currently, the number of students admitted to the undergraduate program is 80. The Department of Computer Engineering offers a wide range of selective courses in its curriculum, which enables students to specialize in different areas of computer science and engineering. Our mission is to create a learning environment where academic research activities and projects are carried out in collaboration with the industry. In this atmosphere, we aim to train researchers and engineers who are competent in the discipline, have proficiency in problem solving as well as good communication and organizational skills, and are committed to life-long learning and ethical values and sensitive to social issues.

Abstract

Networks made up of multiple interconnected segments distributed across various locations, such as corporate networks, where users or employees constantly travel among segments and need to access servers, require network access control mechanisms that can adapt to these location changes. This paper presents an architecture in which a firewall changes or adapts its rules depending on the location of users. The architecture proposes deploying a policy server at the management level and policy agents at the firewall level, so that policy-driven network security management is enabled by specifying location aware user based network access control policies at the network security management level and enforcing them at the managed firewalls. The architecture uses user VPN connection event triggers for dynamic policy configuration and automated policy deployment to firewalls. Location aware user based network access control policies, which are management level policies, are implemented using XACML. A network level policy is usually a configuration, or policy, file local to the firewall. The policy agent incorporated into the firewall performs the mapping from management level policy to firewall policy.

Description

Tuglular, Tugkan/0000-0001-6797-3913

Keywords

access control, network security policies, firewalls, location awareness, XACML, firewall policy agents

Citation

1

OpenCitations Citation Count
0
Sobiad Citation Count
N/A

Source

7th WSEAS International Conference on TELECOMMUNICATIONS and INFORMATICS -- MAY 27-30, 2008 -- Istanbul, TURKEY

Start Page

49

End Page

54
