The Zodiac Policy Subsystem: A Policy-Based Management System for a High-Security MANET

Zodiac (Zero Outage Dynamic Intrinsically Assurable Communities) is an implementation of a high-security MANET, resistant to multiple types of attacks, including Byzantine faults. The Zodiac architecture poses a set of unique system security, performance, and usability requirements to its policy-based management system (PBMS). In this paper, we identify theses requirements, and present the design and implementation of the Zodiac Policy Subsystem (ZPS), which allows administrators to securely specify, distribute and evaluate network control and system security policies to customize ZODIAC behaviors. ZPS uses the Keynote language for specifying all authorization policies. We also present a simple extension of the Keynote language to support obligation policies

Integration of IEEE 802.21 services and pre-authentication framework

Abstract: Providing multi-interface device users the ability to roam between different access networks is becoming a key requirement for service providers. The availability of multiple mobile broadband access technologies together with increasing use of real time multimedia applications is creating strong demand for handover solutions that can seamlessly and securely transfer user sessions across different access technologies. In this paper, we discuss how the Copyright © 2010 Inderscience Enterprises Ltd. Integration of IEEE 802.21 services and pre-authentication framework 173 IEEE 802.21 standard and its services address the challenges of seamless mobility for multi-interface devices. We focus on a proof-of-concept implementation that integrates IEEE 802.21 services and a pre-authentication framework, to optimise handover performance in two different scenarios. The first scenario is initiated by the mobile node and the second one is initiated by the network. We present the measurement results for realising these scenarios. Finally, we describe the implementation challenges and lessons learned throug

Policy-based mobile ad hoc network management

Ad hoc networking is the basis of the future military network-centric warfare architecture. Such networks are highly dynamic in nature, as mobile ad hoc networks are formed over wireless links that are susceptible to failure. Strict requirements on security and reliability combined with the dynamic nature of the network provide a strong motivation for self-forming, self-configuring, and selfhealing capabilities in the network. This paper describes a policy-based mobile ad hoc network management system that addresses these needs. The system provides the capability to express networking requirements in the form of policies at a high level and have them automatically realized in the network by intelligent agents. Our system provides the following capabilities: flexible monitoring and reporting that enables collection of management information from network elements at configurable intervals; automated configuration and re-configuration of network elements based on reported network status; user-definable aggregation and filtering of monitored management information at the source of the data so as to reduce management station processing and network transmission overhead. 1