Celestial security management system

Chong Xu; Fengmin Gong; I. Baldine; C. Sargor; F. Jou; S. F. Wu; Zhi Fu; He Huang

doi:10.1109/DISCEX.2000.824976

Celestial security management system

Chong Xu
, Fengmin Gong
, I. Baldine
, C. Sargor
, F. Jou
, S. F. Wu
, Zhi Fu
, He Huang

Department of Electrical Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

5 Citations (Scopus)

Abstract

There has been a vast amount of research and development effort aimed at providing solutions and products that address the security needs in the information age. Each solution tends to address only a particular facet of the security problem and only accessible to limited protocols or applications. Moreover, ad hoc deployment of some solutions (e.g., firewalls and IPsec) can hinder our ability to collaborate across networks. A very important question is how any application can discover policy restrictions brought about by these solutions/mechanisms, and make efficient use of them to satisfy the application's security goals. The Celestial project addresses this question by developing a security management architecture that can (1) automatically discover effective security policies and mechanisms along any network path, (2) dynamically configure security mechanisms across protocol layers and across the network, (3) adaptively re-configure these mechanisms to maintain certain levels of security services when the network is under stress. This paper describes the Celestial system design and implementation, and reports the current status of the project.

Original language	English
Title of host publication	Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2000
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	162-172
Number of pages	11
ISBN (Electronic)	0769504906, 9780769504902
DOIs	https://doi.org/10.1109/DISCEX.2000.824976
Publication status	Published - 2000
Event	DARPA Information Survivability Conference and Exposition, DISCEX 2000 - Hilton Head, United States Duration: 2000 Jan 25 → 2000 Jan 27

Publication series

Name	Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2000
Volume	1

Conference

Conference	DARPA Information Survivability Conference and Exposition, DISCEX 2000
Country/Territory	United States
City	Hilton Head
Period	00-01-25 → 00-01-27

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Information Systems
Information Systems and Management
Electrical and Electronic Engineering
Safety, Risk, Reliability and Quality

Access to Document

10.1109/DISCEX.2000.824976

Cite this

Xu, C., Gong, F., Baldine, I., Sargor, C., Jou, F., Wu, S. F., Fu, Z., & Huang, H. (2000). Celestial security management system. In Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2000 (pp. 162-172). Article 824976 (Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2000; Vol. 1). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/DISCEX.2000.824976

@inproceedings{00fca55b7b854e0eb3ef9d2ab4629fa1,

title = "Celestial security management system",

abstract = "There has been a vast amount of research and development effort aimed at providing solutions and products that address the security needs in the information age. Each solution tends to address only a particular facet of the security problem and only accessible to limited protocols or applications. Moreover, ad hoc deployment of some solutions (e.g., firewalls and IPsec) can hinder our ability to collaborate across networks. A very important question is how any application can discover policy restrictions brought about by these solutions/mechanisms, and make efficient use of them to satisfy the application's security goals. The Celestial project addresses this question by developing a security management architecture that can (1) automatically discover effective security policies and mechanisms along any network path, (2) dynamically configure security mechanisms across protocol layers and across the network, (3) adaptively re-configure these mechanisms to maintain certain levels of security services when the network is under stress. This paper describes the Celestial system design and implementation, and reports the current status of the project.",

author = "Chong Xu and Fengmin Gong and I. Baldine and C. Sargor and F. Jou and Wu, \{S. F.\} and Zhi Fu and He Huang",

note = "Publisher Copyright: {\textcopyright} 2000 IEEE.; DARPA Information Survivability Conference and Exposition, DISCEX 2000 ; Conference date: 25-01-2000 Through 27-01-2000",

year = "2000",

doi = "10.1109/DISCEX.2000.824976",

language = "English",

series = "Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2000",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "162--172",

booktitle = "Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2000",

address = "United States",

}

Xu, C, Gong, F, Baldine, I, Sargor, C, Jou, F, Wu, SF, Fu, Z & Huang, H 2000, Celestial security management system. in Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2000., 824976, Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2000, vol. 1, Institute of Electrical and Electronics Engineers Inc., pp. 162-172, DARPA Information Survivability Conference and Exposition, DISCEX 2000, Hilton Head, United States, 00-01-25. https://doi.org/10.1109/DISCEX.2000.824976

Celestial security management system. / Xu, Chong; Gong, Fengmin; Baldine, I. et al.
Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2000. Institute of Electrical and Electronics Engineers Inc., 2000. p. 162-172 824976 (Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2000; Vol. 1).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Celestial security management system

AU - Xu, Chong

AU - Gong, Fengmin

AU - Baldine, I.

AU - Sargor, C.

AU - Jou, F.

AU - Wu, S. F.

AU - Fu, Zhi

AU - Huang, He

PY - 2000

Y1 - 2000

N2 - There has been a vast amount of research and development effort aimed at providing solutions and products that address the security needs in the information age. Each solution tends to address only a particular facet of the security problem and only accessible to limited protocols or applications. Moreover, ad hoc deployment of some solutions (e.g., firewalls and IPsec) can hinder our ability to collaborate across networks. A very important question is how any application can discover policy restrictions brought about by these solutions/mechanisms, and make efficient use of them to satisfy the application's security goals. The Celestial project addresses this question by developing a security management architecture that can (1) automatically discover effective security policies and mechanisms along any network path, (2) dynamically configure security mechanisms across protocol layers and across the network, (3) adaptively re-configure these mechanisms to maintain certain levels of security services when the network is under stress. This paper describes the Celestial system design and implementation, and reports the current status of the project.

AB - There has been a vast amount of research and development effort aimed at providing solutions and products that address the security needs in the information age. Each solution tends to address only a particular facet of the security problem and only accessible to limited protocols or applications. Moreover, ad hoc deployment of some solutions (e.g., firewalls and IPsec) can hinder our ability to collaborate across networks. A very important question is how any application can discover policy restrictions brought about by these solutions/mechanisms, and make efficient use of them to satisfy the application's security goals. The Celestial project addresses this question by developing a security management architecture that can (1) automatically discover effective security policies and mechanisms along any network path, (2) dynamically configure security mechanisms across protocol layers and across the network, (3) adaptively re-configure these mechanisms to maintain certain levels of security services when the network is under stress. This paper describes the Celestial system design and implementation, and reports the current status of the project.

UR - https://www.scopus.com/pages/publications/84961745313

UR - https://www.scopus.com/pages/publications/84961745313#tab=citedBy

U2 - 10.1109/DISCEX.2000.824976

DO - 10.1109/DISCEX.2000.824976

M3 - Conference contribution

AN - SCOPUS:84961745313

T3 - Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2000

SP - 162

EP - 172

BT - Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2000

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - DARPA Information Survivability Conference and Exposition, DISCEX 2000

Y2 - 25 January 2000 through 27 January 2000

ER -

Xu C, Gong F, Baldine I, Sargor C, Jou F, Wu SF et al. Celestial security management system. In Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2000. Institute of Electrical and Electronics Engineers Inc. 2000. p. 162-172. 824976. (Proceedings - DARPA Information Survivability Conference and Exposition, DISCEX 2000). doi: 10.1109/DISCEX.2000.824976

Celestial security management system

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this