(http://www.mnlab.cs.depaul.edu/events/JHSN-policy)
Submission Deadline:
Notification of
acceptance: December, 2005
Final papers due: February 2006
The importance of effective network security policy management has been
significantly increasing in the past few years. Network security perimeter devices
such as Firewalls, IPSec gateways, Intrusion Detection and Prevention Systems
operate based on locally configured policies. However, the complexity of
managing security polices, particularly in enterprise networks that usually
have heterogeneous devices and polices, has become a main challenge for
deploying effective security. Yet these policies are not necessarily independent
as they interact with each other to form the global security policy. It is a
common practice to configure security policies on each of the perimeter devices manually and in
isolation from each other due to different administrative domains, roles and
personnel, among other reasons. As a result, rule conflicts and policy
inconsistencies may be introduced in the system, leading to serious security
breach and network vulnerability. Moreover, enterprise networks continuously
grow in size and complexity, and they are in a constant state of change (in topologies, devices, protocols,
and vulnerabilities), resulting in frequent changes in security policies. All these make policy enforcement,
modification, verification, and evaluation intractable tasks.
This special issue is
seeking solutions that offer seamless policy management with provable security in
heterogeneous multi-vender network security environments. This special issue solicits original and unpublished contributions
addressing security policy management issues. Topics of particular interest
are automated policy
management, dynamic policy-based security, security policy verification and
distribution, and policy unification that improve the
state-of-the-art in this area. Examples of selected topics include but are not
limited to:
·
Policy modeling and
verification using formal methods
·
Conflict discovery and
resolution
·
High-speed security
policy analysis
·
Frameworks for policy
testing, assessment, comparison and evaluation.
·
Dynamic policy-based
security management
·
Adaptive security
polices
·
Policy visualization
·
Distributed policy
editing, delegation and distribution
·
Policy translation:
from high-to-low level and vice versa
·
Data mining for policy
inspection, evaluation and enhancement
·
Policy-management for
wireless and mobile networks
·
Novel policy management
architectures
·
Security policy languages
and management for multi-device, multi-protocol and multi-vendor
·
Automatic security
policy management in heterogonous network environment
·
Management of
Interactions between Security Policies and other types of policies.
·
Implementation and Case
Studies of Security Policy Management System
·
System
intelligence to enable automated policy management: monitoring, event/data
correlation and root-cause analysis
SUBMISSION GUIDELINES
Paper
submissions must present original, unpublished research or experiences.
Submissions exceeding the above mentioned paper size will not be reviewed and
returned to the authors. Submitted papers must not exceed 20 pages double space
and 12-point font size. Paper must be submitted online as PDF format via the
EDAS web cite (http://edas.info). For questions, you can send an email to one of the guest editors:
Guest Editors