Collaborative Computing: Networking, Applications and Worksharing. 4th International Conference, CollaborateCom 2008, Orlando, FL, USA, November 13-16, 2008, Revised Selected Papers

Research Article

A New Method for Creating Efficient Security Policies in Virtual Private Network

Download533 downloads
  • @INPROCEEDINGS{10.1007/978-3-642-03354-4_49,
        author={Mohammad Sadeghi and Borhanuddin Mohd Ali and Hossein Pedram and Mehdi Deghan and Masoud Sabaei},
        title={A New Method for Creating Efficient Security Policies in Virtual Private Network},
        proceedings={Collaborative Computing: Networking, Applications and Worksharing. 4th International Conference, CollaborateCom 2008, Orlando, FL, USA, November 13-16, 2008, Revised Selected Papers},
        proceedings_a={COLLABORATECOM},
        year={2012},
        month={5},
        keywords={IPsec policies security policy security requirement virtual private network},
        doi={10.1007/978-3-642-03354-4_49}
    }
    
  • Mohammad Sadeghi
    Borhanuddin Mohd Ali
    Hossein Pedram
    Mehdi Deghan
    Masoud Sabaei
    Year: 2012
    A New Method for Creating Efficient Security Policies in Virtual Private Network
    COLLABORATECOM
    Springer
    DOI: 10.1007/978-3-642-03354-4_49
Mohammad Sadeghi1,*, Borhanuddin Mohd Ali1,*, Hossein Pedram2,*, Mehdi Deghan2,*, Masoud Sabaei2,*
  • 1: Universiti Putra Malaysia
  • 2: Amirkabir University
*Contact email: mmgsadeghi@yahoo.com, borhan@eng.upm.edu.my, pedram@ce.aut.ac.ir, dehghan@ce.aut.ac.ir, sabaei@ce.aut.ac.ir

Abstract

One of the most important protocols for implementing tunnels in order to take action of secure virtual private network is IPsec protocol. IPsec policies are used widely in order to limit access to information in security gateways or firewalls. The security treatment, namely (Deny, Allow or Encrypt) is done for outbound as well as inbound traffic by security policies. It is so important that they adjust properly. The current methods for security policies creation as seen in given security requirements are not efficient enough i.e. there are much more created policies than requirements. In this paper, we define a new method to decrease adopted security policies for a specific set of security requirements without any undesirable effect. Our measurement shows that security policies creation will be improved efficiently, and their updating time will be decreased.