Internet2
Site Index | Internet2 Searchlight |
About Us | Members | Partnerships | Events | Newsroom
Initiatives | Applications | Security | Middleware | Networks
| Home

HOT LINKS!

MEETING INFORMATION
>Meeting Home
>Evaluation
>General Schedule
>Program
>Demonstrations
>Museum Event
>Netcast Schedule
>Program Committee
>Poster Sessions
>Network Story
>Sponsors
ATTENDEE INFORMATION
>Registration
>Roster
>Hotel & Travel
>Hotel Floor Plan
>Area Attractions
>Intellectual Property Framework
MEDIA
>Media Attendance

Fall 2005 Internet2 Member Meeting

Live netcast and video on demand information.

Network Architecture for Automatic Security and Policy Enforcement

September 20, 2005, 4:30 PM - 5:30 PM
EDT (UTC-4, Daylight Savings)
Location: Wyndham A/B
   Kevin Amorin, Harvard University
   Eric Gauthier, Boston University  [htm]  [ppt]
Session Abstract One of the major security threats facing University and other large-scale end-user networks, especially those supporting residential or dormitory accesses, are the thousands of privately owned and unmanaged computers directly connected to an institution's relatively open, high-speed Internet connections. Security policy enforcement is often lax due to a lack of central control over end-user computers and an inability to tie the actions of these computers to particular individuals.

This talk will begin with an overview of various approaches for automating technical policy enforcement as a condition for network access in colleges and universities, including approaches which allow for host isolation into specialized networks, captive-portal-like remediation systems, and other forms of conditional network access.

Following this overview, we will discuss a generalized description of how networks can enforce various use policies. This description will include a conceptual model of the network components, both in and out of band, that are required to determine a host's network access level as well as those configuration elements, specific to each component, that might allow or deny an end stations network access.

The overview, description, and model are all based on the work being done as part of the Internet2 SALSA-NetAuth working group.
If you attended this meeting, please fill out the Session Evaluation
LIVE STREAMS
  • Netcast and video on demand help.
    		•
    Related Topic Areas
  • Security for Advanced Networks and Applications
  • Middleware

    • Return to Previous Page
    © 1996 - 2010 Internet2 - All rights reserved | Terms of Use | Privacy | Contact Us
    1000 Oakbrook Drive, Suite 300, Ann Arbor MI 48104 | Phone: +1-734-913-4250