Hähni, 2020 - Google Patents
Mondrian: A Comprehensive Inter-Domain Network Zoning ArchitectureHähni, 2020
View PDF- Document ID
- 6048554412648294910
- Author
- Hähni C
- Publication year
External Links
Snippet
A central element of designing IT security infrastructures is the logical segmentation of information assets into groups sharing the same security requirements and policies, called network zones. As more business ecosystems are migrating to the cloud, additional …
- 238000004891 communication 0 abstract description 16
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
- H04L63/105—Multiple levels of security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
- H04L63/104—Grouping of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0254—Stateful filtering
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/54—Store-and-forward switching systems
- H04L12/56—Packet switching systems
- H04L12/5695—Admission control; Resource allocation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/25—Routing or path finding through a switch fabric
- H04L49/256—Routing or path finding in ATM switching fabrics
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Casado et al. | SANE: A Protection Architecture for Enterprise Networks. | |
| US8800024B2 (en) | System and method for host-initiated firewall discovery in a network environment | |
| US9356909B2 (en) | System and method for redirected firewall discovery in a network environment | |
| US9185097B2 (en) | Method and system for traffic engineering in secured networks | |
| Li et al. | Mandatory content access control for privacy protection in information centric networks | |
| EP3100405A2 (en) | Systems and methods for protecting communications | |
| EP4323898B1 (en) | Computer-implemented methods and systems for establishing and/or controlling network connectivity | |
| Samociuk | Secure communication between openflow switches and controllers | |
| Li et al. | Enhancing the trust of internet routing with lightweight route attestation | |
| Kwon et al. | Mondrian: Comprehensive Inter-domain Network Zoning Architecture. | |
| Latah et al. | HostSec: A blockchain-based authentication framework for SDN hosts | |
| Jiang et al. | Security‐Oriented Network Architecture | |
| Hähni | Mondrian: A Comprehensive Inter-Domain Network Zoning Architecture | |
| Casado | Architectural support for security management in enterprise networks | |
| Majhi et al. | An authentication framework for securing virtual machine migration | |
| Yoon et al. | {mmTLS}: Scaling the Performance of Encrypted Network Traffic Inspection | |
| US20250240175A1 (en) | Methods and systems for implementing secure communication channels between systems over a network | |
| ILIYASU et al. | SECURITY SCHEME IN INFORMATION-CENTRIC NETWORK (ICN) | |
| Zave et al. | 1 Security provided by endpoints | |
| Paillissé Vilanova | Next generation overlay networks: security, trust, and deployment challenges | |
| Wu et al. | Identity-Based Authentication Protocol for Trustworthy IP Address | |
| Kabeel et al. | KDST: K-Anonymous Node Discovery Using Separation of Trust | |
| Chopra et al. | A survey on wireless security: IP security concern | |
| Varadharajan | Securing local area and metropolitan area networks: A practical approach | |
| Akonjang | SANE: A Protection Architecture For Enterprise Networks |