Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Layered multipoint network defense and security policy enforcement

: Wolthusen, S.

Second Annual IEEE SMC Information Assurance Workshop 2001. Proceedings
West Point, New York, 2001
ISBN: 0-7803-9814-9
Annual Information Assurance Workshop <2, 2001, West Point/NY>
Fraunhofer IGD ()
security policy; operating system extension; firewalling; access control; auditing

This paper discusses the enhancement of security in general purpose operating systems, especially related to threats caused by internetworking, using extensions to operating systems. Such mechanisms have a significantly larger basis for reaching security policy decisions than older host-level security mechanisms and firewalls. By layering defensive mechanisms yet enforcing a consistent security policy across the security layers, goals such as workload distribution, vulnerability compartmentalization, and hierarchical refinement of security policies can be achieved.