A Study of SLA-Based Defense Resource Management Strategy in Network Security Defense System
This paper mainly propose a service of network security defense provide by the network service provider, and the service system is built on the original ISP network structure, the security decisions center build on the ISP’s core network which is making the policy decisions of security event, and built a defense system on border routers to form a secure domain called security domain, the service provider will join the user who is using the service to the security domain, through the defense system to network traffic monitoring and filtering malice package to provide users of network security threat defense services. Using Service Level Agreements (SLA) to represent users’ needs, so that users can choose services according to their needs, network security defense system provide different type of defense services based on user needs. Finally, we analyze the usage of the defense resource, furthermore we formulate the mechanisms of policy for the client’s needs, and how to allocate resources in the case of resource saturation for the defense to satisfy service providers obtain the best benefits of the service strategy, and design the mechanism of resource management.
KeywordsSecurity Policy Management SLA
- 3.Marilly, E., Martinot, O., Betge-Brezetz, S., Delegue, G.: Requirements for service level agreement management. In: Proc. IEEE Workshop on IP Operations and Management (2002)Google Scholar
- 4.Yu, M.-R.: Implementation of SLA-Based Security Policy Management for Cooperative Defense Network (2010)Google Scholar
- 5.Chain, J.-S.: Design of SLA-Based Cooperative Security and Management Mechanism on Soft Network. In: TANet 2008(2008)Google Scholar
- 6.Lee, W.-H.: On Investigation of Malicious Software’s Activities - A Case Study on a Company’s Internet Connections (2005)Google Scholar
- 7.Taiwan Computer Emergency Response Team and Coordination Center, http://www.cert.org.tw/resource/