Abstract
Tactical mobile ad-hoc networks are likely to suffer from highly restricted link capacity and intermittent connectivity loss, but must provide secure access to services. The conditions under which services may be accessed and which security requirements must be maintained will vary dynamically, and local policies will hence change on a per-node basis even when starting from a common baseline such as when nodes obtain new information.
In this paper we describe a mechanism allowing structured security policies to incorporate such local changes but to efficiently reconcile across tactical SOA networks, allowing the derivation of policy decisions as precomputed Horn clauses or directly reasoning over a description logic fragment. This mechanism minimises the communication overhead compared to earlier work whilst maintaining policy integrity, thereby allowing security policies to adapt to resource and network constraints and other local knowledge such as node compromises and blacklisting.
In this paper we describe a mechanism allowing structured security policies to incorporate such local changes but to efficiently reconcile across tactical SOA networks, allowing the derivation of policy decisions as precomputed Horn clauses or directly reasoning over a description logic fragment. This mechanism minimises the communication overhead compared to earlier work whilst maintaining policy integrity, thereby allowing security policies to adapt to resource and network constraints and other local knowledge such as node compromises and blacklisting.
Original language | English |
---|---|
Title of host publication | Proceedings of the Second International Conference on Future Network Systems and Security |
Publisher | Springer-Verlag |
Pages | 47-61 |
Number of pages | 15 |
ISBN (Electronic) | 978-3-319-48021-3 |
ISBN (Print) | 978-3-319-48020-6 |
DOIs | |
Publication status | Published - 2016 |
Publication series
Name | Communications in Computer and Information Science |
---|---|
Publisher | Springer-Verlag |
Volume | 670 |
ISSN (Print) | 1865-0929 |
Keywords
- Ad hoc network Reconciliation Security Security policies Tactical network