Towards building a network security infrastructure

Posted on: 2001-07-31
Degree: Ph.D
Type: Dissertation
University: Duke University
Candidate: Xu, Chong
Full Text: PDF
GTID: 1468390014452705
Subject: Computer Science

Abstract/Summary:
There are two parts in this dissertation. The first part deals with network security management and the second part introduces a new method of cryptographic protocol analysis.

Part I. Celestial security management system. There has been a vast amount of research and development effort aimed at providing solutions and products that address security needs. Each solution tends to address only a particular facet of the security problem, and thus has limited access to protocols as well as applications. Moreover, ad hoc deployment of some solutions, such as firewalls and the IP Security Protocol (IPsec), may hinder dynamic collaborations across networks and across domains. Therefore, an important issue is how applications, including security protocols, discover security capabilities along with policy restrictions brought about by heterogeneous solutions/mechanisms and make efficient use of the underlying security mechanisms to satisfy their security goals.

The dissertation addresses this issue by developing a security management infrastructure called Celestial that can: (1) automatically discover effective security mechanisms and security policies along any network path; (2) dynamically configure security mechanisms across protocol layers and across networks; (3) provide a security service application programming interface (API), through which security-aware applications request inter-domain security communication channels to be set up on the fly; (4) adaptively re-configure the underlying security mechanisms to maintain certain levels of security service when the network is under attack.

Part II. A new method of cryptographic protocol analysis. This dissertation proposes a new cryptographic analysis method that addresses the state explosion problem of the state machine approach. The new method searches for possible protocol attacks by analyzing simplified versions of protocols. It starts from an intruder's goals and objectives of breaking a cryptographic protocol and simulates the intruder's behavior of manipulating messages in order to break the protocol. The novelty is that the new method identifies each impersonation scenario and simplifies a protocol based on the individual impersonation scenario.

In order for the new method to be applied, different types of rules are employed. The two major steps of the new method are protocol simplification and the attack search. (Abstract shortened by UMI.)
Keywords/Search Tags:Security, Network, New method, Protocol, Part