SECURITY MEDIATION FOR DYNAMICALLY PROGRAMMABLE NETWORK

A network security policy may be implemented at network switches as a set of active packet disposition directives. In a dynamically programmable network, the network switches can be dynamically reprogrammed with new packet disposition directives. A security mediation service permits such dynamic rep...

Full description

Saved in:
Bibliographic Details
Main Authors Fong Martin W, Porras Phillip A, Yegneswaran Vinod
Format Patent
LanguageEnglish
Published 30.11.2017
Subjects
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:A network security policy may be implemented at network switches as a set of active packet disposition directives. In a dynamically programmable network, the network switches can be dynamically reprogrammed with new packet disposition directives. A security mediation service permits such dynamic reprogramming as long as the new directives are consistent with the then-current network security policy. The security mediation service evaluates candidate packet disposition directives for conflicts with the currently active security policy, before instantiating the candidate packet disposition directives at the network switches.
Bibliography:Application Number: US201715621774