Network Access Control Configuration Management using Semantic Web Techniques

Fitzgerald, William M. and Foley, S. N. and Ó Foghlú, Mícheál (2009) Network Access Control Configuration Management using Semantic Web Techniques. Journal of Research and Practice in Information Technology, 41 (2). pp. 99-117. ISSN 1443-458X

[thumbnail of jrpit2009.pdf]

Download (140kB) | Preview
Official URL:


Network Access Control requirements are typically implemented in practice as a series of heterogeneous security-mechanism-centric policies that span system services and application domains. For example, a Network Access Control policy night be configured in terms of firewall, proxy, intrusion prevention and user access policies. While defined separately, these security policies may interoperate in the sense that the access requirements of one may conflict and/or be redundant with respect to the access requirements of another. Thus, managing a large number of distinct policies becomes a major challenge in terms of deploying and maintaining a meaningful and consistent configuration. It is argued that employing techniques of the Semantic Web-an architecture that supports the formal representation, reasoning and sharing of heterogeneous domain knowledge-provides a natural approach to solving this challenge. A risk-based approach to configuring interoperable Network Access Control policies is described. Each Network Access Control mechanism has an ontology that is used to represent its configuration. This knowledge is unified with higher-level business (risk) rides, providing a single (extensible) ontology that supports reasoning across the different Network, Access Control policy configurations.

Item Type: Article
Additional Information: ISI Document Delivery No.: 468QA Times Cited: 0 Cited Reference Count: 23 Fitzgerald, William M. Foley, Simon N. Foghlu, Micheal O. SFI Autonomic Management of Communications Networks and Services [04/IN3/1404C] This research has been funded by SFI Autonomic Management of Communications Networks and Services PI Cluster Award: 04/IN3/1404C. AUSTRALIAN COMPUTER SOC INC SYDNEY
Uncontrolled Keywords: Security Configuration Network Access Control Ontology Risk Semantic Web
Departments or Groups: Walton Institute for Information and Communications Systems Science
Divisions: School of Science > Department of Computing, Maths and Physics
Depositing User: Mícheál Ó Foghlú
Date Deposited: 19 Nov 2012 16:01
Last Modified: 22 Aug 2016 10:26

Actions (login required)

View Item View Item