Method and architecture for handling conflict of security policies and unified converter

A technology for security policy and conflict handling, which is applied in the field of communication and can solve problems such as security policy conflicts

Active Publication Date: 2011-10-12
ZTE CORP
View PDF4 Cites 19 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] The technical problem to be solved by the present invention is to provide a security policy conflict handling method, architecture and unified converter to solve the problem of security policy conflicts in different networks and meet the needs of unified security policy deployment

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and architecture for handling conflict of security policies and unified converter
  • Method and architecture for handling conflict of security policies and unified converter
  • Method and architecture for handling conflict of security policies and unified converter

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0047] The purpose of the present invention is to provide a general and extensible security policy conflict detection and resolution framework and processing method to meet the requirements of unified security policy deployment.

[0048] In order to achieve the above purpose, the embodiment of the present invention provides a security policy conflict processing architecture, such as figure 1 As shown, the architecture can be divided into the following three layers: strategy layer, middle layer and processing layer. Among them, the main functions of each layer are described as follows:

[0049] Policy layer, which is a collection of security policies and is used to carry security policies from different networks. These security policies can be defined through different formal specification languages ​​or GUI methods.

[0050] Among them, the security policy is a description of behavior rules related to system security, which can guide the behavior management of the system on a ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method and architecture for handling a conflict of security policies and a unified converter, wherein the method comprises the following steps: a strategy layer issues the security policies of different networks to an intermediate layer; the intermediate layer converts the security policies of the different networks uniformly and issues the converted policies to a handling layer; and the handling layer performs conflict handling on the converted security policies of the different networks. According to the method disclosed by the invention, the conflict handling of the security policies of the different networks is realized, and the demand of unifying the security policy deployment is met.

Description

technical field [0001] The invention relates to the field of communication technology, in particular to a security policy conflict handling method, architecture and unified converter. Background technique [0002] Policy-based security management is a widely used solution in large-scale networks and distributed systems. With the development of network convergence, business diversity, device complexity, and network heterogeneity expand exponentially, making the security of the entire network more and more complex. Therefore, complex manual configuration can no longer meet the needs of network development, and policy-based solutions are widely used because they can provide network security management methods with efficiency optimization, security uniformity, and convenient operation. [0003] However, due to the complexity of the formal representation of security policies, theoretical models and application environments, policy conflicts inevitably exist. Strategy conflict r...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
Inventor 陈书义颜正清高峰李媛
Owner ZTE CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap