Academic Commons

Articles

Policy Refinement of Network Services for MANETs

Zhao, Hang; Lobo, Jorge; Roy, Arnab; Bellovin, Steven Michael

In this paper, we describe a framework for a refinement scheme located in a centralized policy server that consists of three components: a knowledge database, a refinement rule set, and a policy repository. The refinement process includes two successive steps: policy transformation and policy composition. Our refinement scheme takes policies written in our logic-based abstract policy language as input and generates low level rules directly implementable by individual enforcement points. We provide concrete policy examples in a coalition scenario that forms a mobile ad hoc network (MANET). We demonstrate policy composition using a distributed firewall scheme named ROFL (ROuting as the Firewall Layer) and access control list as enforcement mechanisms.

Subjects

Files

Also Published In

Title
Proceedings of the 12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011): Dublin, Ireland, 23-27 May 2011
DOI
https://doi.org/10.1109/INM.2011.5990681

More About This Work

Academic Units
Computer Science
Publisher
IEEE Computer Society
Published Here
October 3, 2011
Academic Commons provides global access to research and scholarship produced at Columbia University, Barnard College, Teachers College, Union Theological Seminary and Jewish Theological Seminary. Academic Commons is managed by the Columbia University Libraries.