Reference:
In USENIX Security 06
Abstract:
Connectivity in today's enterprise networks is regulated by a
combination of complex routing and bridging policies, along with various
interdiction mechanisms such as ACLs, packet filters, and other
middleboxes that attempt to retrofit access control onto an otherwise
permissive Internet architecture. This leads to enterprise networks
that are inflexible, fragile and difficult to manage.
We offer SANE, a protection architecture for enterprise networks that
overcomes these limitations. By default, hosts can only contact a
logically centralized reference monitor that hands out capabilities
(encrypted source routes) for services, according to declarative
access control policies (e.g.
Full paper: [pdf] [Bibtex Entry]
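The mechanism the abstract sketches, a reference monitor that checks a declarative policy and hands out capabilities in the form of encrypted source routes, which switches then enforce hop by hop, as an added toy model in Python. This is illustration code written for this page, not code from the SANE paper: the sample topology, the policy format (a set of (host, service) pairs), the per-hop layer layout and the HMAC-SHA256 encrypt-then-MAC stand-in for a real AEAD are all assumptions made here, and the paper's actual packet formats and cryptography should be taken from the full text.

```python
"""Toy model of SANE-style capabilities (added illustration, not the paper's code).
The reference monitor wraps a source route as an onion: each switch on the path
can authenticate and decrypt only its own layer, which names the next hop and
carries the layer meant for that hop."""
import hashlib
import hmac
import os
import struct
from collections import deque

KEY_LEN, NONCE_LEN, TAG_LEN = 16, 16, 32


def _subkey(key, label):
    """Derive separate encryption and MAC keys from a switch's shared key."""
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key, nonce, n):
    """HMAC-SHA256 in counter mode, used as a stdlib-only stream cipher (assumption)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def seal(key, plaintext):
    """Encrypt-then-MAC one capability layer; a deployment would use an AEAD such as AES-GCM."""
    nonce = os.urandom(NONCE_LEN)
    ks = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key, blob):
    """Verify the layer's MAC before decrypting; a forged or replayed layer is rejected."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expect = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expect, tag):
        raise PermissionError("capability layer failed authentication")
    ks = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))


def shortest_path(links, src, dst):
    """Breadth-first search over the constructed topology; returns [src, ..., dst]."""
    prev, q = {src: None}, deque([src])
    while q and dst not in prev:
        node = q.popleft()
        for nxt in links[node]:
            if nxt not in prev:
                prev[nxt] = node
                q.append(nxt)
    if dst not in prev:
        raise LookupError(f"no path from {src} to {dst}")
    path = []
    while dst is not None:
        path.append(dst)
        dst = prev[dst]
    return path[::-1]


class ReferenceMonitor:
    """Logically centralized controller: knows the topology, the switch keys and the policy."""

    def __init__(self, links, switch_keys, services, policy):
        self.links, self.switch_keys = links, switch_keys  # one key shared with each switch
        self.services, self.policy = services, policy      # service -> host; allowed (host, service) pairs

    def issue_capability(self, src_host, service):
        """Return (first switch, capability) or refuse if the declarative policy denies the flow."""
        if (src_host, service) not in self.policy:
            raise PermissionError(f"policy denies {src_host} -> {service}")
        path = shortest_path(self.links, src_host, self.services[service])
        switches = path[1:-1]
        blob = b""  # build from the last switch outwards; each layer names the hop after it
        for sw, next_hop in zip(reversed(switches), reversed(path[2:])):
            layer = struct.pack(">H", len(next_hop)) + next_hop.encode() + blob
            blob = seal(self.switch_keys[sw], layer)
        return switches[0], blob


class Network:
    """Switches forward only where a layer they can authenticate tells them to."""

    def __init__(self, switch_keys):
        self.switch_keys = switch_keys

    def forward(self, first_switch, capability):
        """Return the hops traversed; the final entry is the host the packet reached."""
        hops, node, blob = [], first_switch, capability
        while node in self.switch_keys:
            hops.append(node)
            layer = unseal(self.switch_keys[node], blob)  # a switch drops what it cannot unseal
            (n,) = struct.unpack(">H", layer[:2])
            node, blob = layer[2:2 + n].decode(), layer[2 + n:]
        hops.append(node)
        return hops


def is_denied(fn, *args):
    """True if the reference monitor or a switch rejects the request."""
    try:
        fn(*args)
    except PermissionError:
        return True
    return False


# Constructed sample topology and policy: hosts are h_*, switches are s*.
LINKS = {
    "h_alice": ["s1"], "h_bob": ["s1"], "s1": ["h_alice", "h_bob", "s2"],
    "s2": ["s1", "s3", "h_web"], "s3": ["s2", "h_db"], "h_web": ["s2"], "h_db": ["s3"],
}
SWITCH_KEYS = {sw: os.urandom(KEY_LEN) for sw in ("s1", "s2", "s3")}
SERVICES = {"web": "h_web", "db": "h_db"}
POLICY = {("h_alice", "web"), ("h_alice", "db"), ("h_bob", "web")}

if __name__ == "__main__":
    dc, net = ReferenceMonitor(LINKS, SWITCH_KEYS, SERVICES, POLICY), Network(SWITCH_KEYS)
    first, cap = dc.issue_capability("h_alice", "db")
    print(net.forward(first, cap))                      # ['s1', 's2', 's3', 'h_db']
    print(is_denied(dc.issue_capability, "h_bob", "db"))  # True: policy has no such pair
```

Two properties of the design show up directly in the model: a host that the policy does not authorize never obtains a route at all, and a capability presented to the wrong switch, or altered in transit, fails the per-layer MAC and is dropped rather than forwarded.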