TY - GEN
T1 - An efficient management method of access policies for hierarchical virtual private networks
AU - Okayama, Kiyohiko
AU - Yamai, Nariyoshi
AU - Ishibashi, Hayato
AU - Abe, Kota
AU - Matsuura, Toshio
PY - 2007/10/1
Y1 - 2007/10/1
N2 - VPN (Virtual Private Network) is one of the most important technologies on the Internet. With VPN, we can securely access to resources in the organizational network via the Internet. In VPNs having hierarchical structure, since each VPN domain has different access policy (whether VPN gateway should perform authentication, data encryption, and so on or not), an administrator of a VPN domain may need to configure access policies which are different from every VPN sub-domain. However, in the existing VPN methods, since access policies are stored in a static configuration file of each VPN gateway, an administrator of a VPN domain has to cooperate with the other administrators of its sub-domains. Therefore, management cost of access policies becomes considerably large if the organization has large and complicated structure. In this paper, we propose an efficient management method of access policies for hierarchical VPNs. In order to reduce management cost, we introduce a database with hierarchical structure to represent access policies easily and policy servers to get access policies automatically. The effectiveness of our proposed method is confirmed by an experiment on an actual network using policy servers based on the proposed method.
AB - VPN (Virtual Private Network) is one of the most important technologies on the Internet. With VPN, we can securely access to resources in the organizational network via the Internet. In VPNs having hierarchical structure, since each VPN domain has different access policy (whether VPN gateway should perform authentication, data encryption, and so on or not), an administrator of a VPN domain may need to configure access policies which are different from every VPN sub-domain. However, in the existing VPN methods, since access policies are stored in a static configuration file of each VPN gateway, an administrator of a VPN domain has to cooperate with the other administrators of its sub-domains. Therefore, management cost of access policies becomes considerably large if the organization has large and complicated structure. In this paper, we propose an efficient management method of access policies for hierarchical VPNs. In order to reduce management cost, we introduce a database with hierarchical structure to represent access policies easily and policy servers to get access policies automatically. The effectiveness of our proposed method is confirmed by an experiment on an actual network using policy servers based on the proposed method.
UR - http://www.scopus.com/inward/record.url?scp=34748860837&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=34748860837&partnerID=8YFLogxK
U2 - 10.1109/COMSWA.2007.382593
DO - 10.1109/COMSWA.2007.382593
M3 - Conference contribution
AN - SCOPUS:34748860837
SN - 1424406145
SN - 9781424406142
T3 - Proceedings of the 2007 2nd International Conference on Communication System Software and Middleware and Workshops, COMSWARE 2007
BT - Proceedings of the 2007 2nd International Conference on Communication System Software and Middleware and Workshops, COMSWARE 2007
T2 - 2007 2nd International Conference on Communication System Software and Middleware and Workshops, COMSWARE 2007
Y2 - 7 January 2007 through 12 January 2007
ER -