23 September 2009

Controlling the language of security

Korean computer scientists have developed a security policy specification for home networks.

Companies, banks, and other organizations take internet security very seriously and usually have firewalls and IT departments to protect them from attack as a matter of course.

With home and small office networks connecting all kinds of devices—personal computers, mobile devices, remote security cameras, gaming consoles, and more—they represent an even more heterogeneous mix than many larger offices.

Geon Woo Kim of the Electronics and Telecommunications Research Institute in Korea and colleagues there and at Kyungpook National University have developed a specification for security policy on home networks that can guarantee reliability and availability.

The specification also takes into account authentication, authorization, security policy deployment so all users in the home are not only protected from malware but also can help ensure everyone can use the network when they need to.

The system’s new language consists of seven elements: combining-rule element, authentication element, user element, object element, object-group element, role element, and rule element.

For related information, go to www.isa.org/networks.