Duan et al., 2018 - Google Patents
Architecture for Multilevel Secure System DesignDuan et al., 2018
- Document ID
- 9022287959155516361
- Author
- Duan Y
- Cui Z
- Liu Y
- Publication year
- Publication venue
- 2018 IEEE 18th International Conference on Communication Technology (ICCT)
External Links
Snippet
A high assurance architecture is described for the protection of multilevel secure network, which provides a trusted environment for enforcing multilevel security policies. The presented architecture could prevent unauthorized users on the low side from retrieving …
- 238000004891 communication 0 abstract description 18
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
- H04L63/105—Multiple levels of security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/141—Denial of service attacks against endpoints in a network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATIONS NETWORKS
- H04W12/00—Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATIONS NETWORKS
- H04W12/00—Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Loscocco et al. | The inevitability of failure: The flawed assumption of security in modern computing environments | |
| US7181613B2 (en) | System and method for providing secure internetwork services via an assured pipeline | |
| US8661250B2 (en) | Remote activation of covert service channels | |
| US11463267B2 (en) | Network function virtualization system and verifying method | |
| US6684329B1 (en) | System and method for increasing the resiliency of firewall systems | |
| US6584508B1 (en) | Advanced data guard having independently wrapped components | |
| US7793094B2 (en) | HTTP cookie protection by a network security device | |
| US20110296164A1 (en) | System and method for providing secure network services | |
| Shajan et al. | Survey of security threats and countermeasures in cloud computing | |
| CN114884647B (en) | Network access management method and related equipment | |
| Aich et al. | Study on cloud security risk and remedy | |
| Uchenick et al. | Multiple independent levels of safety and security: high assurance architecture for MSLS/MLS | |
| Ahmed et al. | A generalized threat taxonomy for cloud computing | |
| Diwan | An experimental analysis of security vulnerabilities in industrial internet of things services | |
| Duan et al. | Architecture for Multilevel Secure System Design | |
| Mack | Cyber security | |
| Simpson et al. | Resolving network defense conflicts with zero trust architectures and other end-to-end paradigms | |
| Ma et al. | Security modeling and analysis of mobile agent systems | |
| Johnson et al. | Studying naïve users and the insider threat with SimpleFlow | |
| Mansoor et al. | Virtual Machine’s Network Security | |
| US11695799B1 (en) | System and method for secure user access and agentless lateral movement protection from ransomware for endpoints deployed under a default gateway with point to point links | |
| US11757934B1 (en) | Extended browser monitoring inbound connection requests for agentless lateral movement protection from ransomware for endpoints deployed under a default gateway with point to point links | |
| US11711396B1 (en) | Extended enterprise browser blocking spread of ransomware from alternate browsers in a system providing agentless lateral movement protection from ransomware for endpoints deployed under a default gateway with point to point links | |
| Simpson et al. | Network Defense in an End-to-End Paradigm | |
| Conde Ortiz | Ethical Hacking Of An Industrial Control System |