Using security policies in a network securing process

Abstract

A security policy constitutes one of the major actors in the protection of communication networks but can be one of their drawbacks too. This can be the case if it is inadequate to the security requirements for example. For this, a security policy has to be checked before its real deployment. In this paper, we propose three checking activities each of which is adapted to a given phase of the policy deployment process. This activities deal with the SP validation, the SP testing and the multi-SP conflict management. Our techniques are inspired by the well established techniques of the software engineering for which we have found some similarities with the security domain.