
Tempering network stacks

Wolthusen, Stephen


NATO, Research and Technology Organisation -RTO-; North Atlantic Treaty Organization -NATO-, Brussels:
Adaptive defence in unclassified networks. CD-ROM : Papers presented at the RTO Information Systems Technology Panel (IST) symposium held in Toulouse, France, 19 - 20 April 2004
Neuilly-sur-Seine: NATO, RTO, 2004
ISBN: 92-837-0039-2
Information Systems Technology Panel Symposium (IST) <2004, Toulouse>
Conference paper, electronic publication
Fraunhofer IGD
network security; security policy; network protocol

This paper summarizes existing work and describes ongoing work on the definition, and particularly the enforcement, of security policies in heterogeneous distributed systems. The approach is based on a formal model of operating systems and of interactions among networked nodes that axiomatizes the relations among, and abstractions in, distributed systems. Arbitrary security policies can be defined over the same model, and automated reasoning techniques can be used to dynamically derive the compliance of operations with all applicable security policies. A key component for enforcing such security policies in operating system network stacks is described, along with instrumentation techniques for the Microsoft Windows NT family of operating systems.