%0 Conference Paper %1 ki-2012-0090 %A Berger, Sören %A Vensmer, Alexander %A Kiesel, Sebastian %B Proceedings of the The Seventh International Conference on Systems and Networks Communications (ICSNC 2012) %C Lisbon, Portugal %D 2012 %K imported myown tikauthor:kiesel %P 118--123 %T An ABAC-based Policy Framework for Dynamic Firewalling %U http://www.thinkmind.org/index.php?view=article&articleid=icsnc_2012_5_40_20202 %X This paper presents the Policy Framework of DynFire, a novel approach for attribute-based, dynamic control of network firewalls. DynFire allows an individually controlled, secure access to IT resources of a large organization, with particular focus on mobile users and users with restricted rights, such as subcontractors. The basic assumption behind DynFire is that, within a secured network domain separated from the Internet, a temporary binding between an IP address and a single user ID can be established. Users with different attributes can authenticate to the network and get individual access to network resources. To administrate such a large amount of users and different access rights within a secured network domain of an organization, which includes distributed organisational zones, a policy framework is needed. The following paper presents a policy framework for dynamic and distributed firewalls which is able to grant access control on a per-user basis, with multitenancy capabilities and administrative delegation. %@ 978-1-61208-231-8

@inproceedings{ki-2012-0090, abstract = {This paper presents the Policy Framework of DynFire, a novel approach for attribute-based, dynamic control of network firewalls. DynFire allows an individually controlled, secure access to IT resources of a large organization, with particular focus on mobile users and users with restricted rights, such as subcontractors. The basic assumption behind DynFire is that, within a secured network domain separated from the Internet, a temporary binding between an IP address and a single user ID can be established. Users with different attributes can authenticate to the network and get individual access to network resources. To administrate such a large amount of users and different access rights within a secured network domain of an organization, which includes distributed organisational zones, a policy framework is needed. The following paper presents a policy framework for dynamic and distributed firewalls which is able to grant access control on a per-user basis, with multitenancy capabilities and administrative delegation.}, added-at = {2023-11-17T18:29:11.000+0100}, address = {Lisbon, Portugal}, author = {Berger, S\"{o}ren and Vensmer, Alexander and Kiesel, Sebastian}, biburl = {https://puma.ub.uni-stuttgart.de/bibtex/2d1cfe789135a6cab776319f6e262e948/skiesel}, booktitle = {Proceedings of the The Seventh International Conference on Systems and Networks Communications (ICSNC 2012)}, interhash = {533b8240750d363753f4743fb06abbef}, intrahash = {d1cfe789135a6cab776319f6e262e948}, isbn = {978-1-61208-231-8}, keywords = {imported myown tikauthor:kiesel}, month = nov, pages = {118--123}, pdf = {http://www.thinkmind.org/download.php?articleid=icsnc_2012_5_40_20202}, timestamp = {2023-11-20T16:35:54.000+0100}, title = {{An ABAC-based Policy Framework for Dynamic Firewalling}}, url = {http://www.thinkmind.org/index.php?view=article&articleid=icsnc_2012_5_40_20202}, year = 2012 }