Open Access
Subscription Access
Producing Security Policy of IPSec Based on Improved λ-ID3 Algorithm
Abstract
IPSec is a policy-driven security mechanism. How to quickly generate corresponding security policy due to the diversity of network security is one of the core issues of IPSec. Although IPSec supports a rich set of protection modes and operations, its policy configuration remains an inefficient and error-prone task in the dynamic conditions. In this article, we propose an IPSec policy engine which can generate dynamically and store the security policy of IPSec under different algorithms. Furthermore, we extend a novel ID3 algorithm to automatically generate correct policies. The algorithm, which introduces the dynamic parameter-- importance factor λ when calculating the information entropy, can overcome the flaw of traditional ID3 algorithm that tends to choose attributes that have more values, and improve the efficiency and flexibility of IPSec security policy, and better meet the actual situation.
Keywords
IPSec; Security policy; ID3 algorithm; Policy engine; Importance factor
Citation Format:
Ming Yang, Shuxu Guo, Jun Wang, "Producing Security Policy of IPSec Based on Improved λ-ID3 Algorithm," Journal of Internet Technology, vol. 13, no. 1 , pp. 19-26, Jan. 2012.
Ming Yang, Shuxu Guo, Jun Wang, "Producing Security Policy of IPSec Based on Improved λ-ID3 Algorithm," Journal of Internet Technology, vol. 13, no. 1 , pp. 19-26, Jan. 2012.
Refbacks
- There are currently no refbacks.
Published by Executive Committee, Taiwan Academic Network, Ministry of Education, Taipei, Taiwan, R.O.C
JIT Editorial Office, Office of Library and Information Services, National Dong Hwa University
No. 1, Sec. 2, Da Hsueh Rd., Shoufeng, Hualien 974301, Taiwan, R.O.C.
Tel: +886-3-931-7314 E-mail: jit.editorial@gmail.com