Presentation | 2005-01-27 A dynamic policy control framework of IP network based on the session control information Seiichi SAKAYA, Kumiko ONO, Hidefumi NAKAMURA, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | These days, end-to-end real-time communication services, such as voice over IP, are getting popular, while security consideration is also required under the current circumstances that lots of attacks are reported in the world. Some end-to-end communication protocol, such as RTP, requires direct communication between arbitrary two terminals using dynamic and private ports, whereas most of the current firewalls filter the packets according to the static policy settings. This means firewall should open a wide range of ports to allow end-to-end communications, which makes the network within the firewall volnerable. In this paper, we show the conditions required for the dynamic firewall control that opens the required port only at the time of communication, and propose a new firewall control technique that fulfills the conditions comparing to the conventional dynamic firewall control techniques. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | SIP / Session Control / Firewall / Security |
Paper # | NS2004-180,OCS2004-140 |
Date of Issue |
Conference Information | |
Committee | NS |
---|---|
Conference Date | 2005/1/20(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Network Systems(NS) |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | A dynamic policy control framework of IP network based on the session control information |
Sub Title (in English) | |
Keyword(1) | SIP |
Keyword(2) | Session Control |
Keyword(3) | Firewall |
Keyword(4) | Security |
1st Author's Name | Seiichi SAKAYA |
1st Author's Affiliation | NTT Network Service Systems Laboratories, NTT Corporation() |
2nd Author's Name | Kumiko ONO |
2nd Author's Affiliation | NTT Network Service Systems Laboratories, NTT Corporation |
3rd Author's Name | Hidefumi NAKAMURA |
3rd Author's Affiliation | NTT Network Service Systems Laboratories, NTT Corporation |
Date | 2005-01-27 |
Paper # | NS2004-180,OCS2004-140 |
Volume (vol) | vol.104 |
Number (no) | 616 |
Page | pp.pp.- |
#Pages | 4 |
Date of Issue |