An Efficient Management Method of Access Policies for Hierarchical Virtual Private Networks

K. Okayama, N. Yamai, Hayato Ishibashi, K. Abe, T. Matsuura
2007 2nd International Conference on Communication Systems Software and Middleware. Published 2007-07-09. DOI: 10.1109/COMSWA.2007.382593 (https://doi.org/10.1109/COMSWA.2007.382593)
Citations: 3

Abstract

VPN (virtual private network) is one of the most important technologies on the Internet. With a VPN, we can securely access resources in the organizational network via the Internet. In VPNs having a hierarchical structure, since each VPN domain has a different access policy (whether or not the VPN gateway should perform authentication, data encryption, and so on), an administrator of a VPN domain may need to configure access policies that are different from every VPN sub-domain. However, in the existing VPN methods, since access policies are stored in a static configuration file on each VPN gateway, an administrator of a VPN domain has to cooperate with the other administrators of its sub-domains. Therefore, the management cost of access policies becomes considerably large if the organization has a large and complicated structure. In this paper, we propose an efficient management method of access policies for hierarchical VPNs. In order to reduce management cost, we introduce a database with a hierarchical structure to represent access policies easily, and policy servers to get access policies automatically. The effectiveness of our proposed method is confirmed by an experiment on an actual network using policy servers based on the proposed method.