Security Policy Database
E123428
The Security Policy Database is a core IPsec component that defines the rules and conditions under which network traffic must be protected, bypassed, or discarded.
All labels observed (1)
| Label | Occurrences |
|---|---|
| Security Policy Database canonical | 2 |
How this entity was disambiguated
This entity first appeared as the object of triple T1077087 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: Security Policy Database Context triple: [IPsec, usesConcept, Security Policy Database]
-
A.
FBI data governance policies
FBI data governance policies are the formal rules and standards that regulate how the FBI manages, protects, and uses its information and intelligence data across the organization.
-
B.
Policy-Based Management
Policy-Based Management is a SQL Server feature that lets administrators define, enforce, and monitor configuration policies across database instances to ensure compliance with organizational standards.
-
C.
Data Guard
Data Guard is Oracle's high-availability and disaster recovery solution that maintains synchronized standby databases to protect against data loss and downtime.
-
D.
Security Service
The Security Service, commonly known as MI5, is the United Kingdom’s domestic counter-intelligence and security agency responsible for protecting national security against threats such as terrorism and espionage.
-
E.
SS Security Service (SD)
The SS Security Service (SD) was Nazi Germany’s intelligence and security agency of the SS, responsible for surveillance, repression, and ideological control within the Third Reich and occupied territories.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: Security Policy Database Target entity description: The Security Policy Database is a core IPsec component that defines the rules and conditions under which network traffic must be protected, bypassed, or discarded.
-
A.
FBI data governance policies
FBI data governance policies are the formal rules and standards that regulate how the FBI manages, protects, and uses its information and intelligence data across the organization.
-
B.
Policy-Based Management
Policy-Based Management is a SQL Server feature that lets administrators define, enforce, and monitor configuration policies across database instances to ensure compliance with organizational standards.
-
C.
Data Guard
Data Guard is Oracle's high-availability and disaster recovery solution that maintains synchronized standby databases to protect against data loss and downtime.
-
D.
Security Service
The Security Service, commonly known as MI5, is the United Kingdom’s domestic counter-intelligence and security agency responsible for protecting national security against threats such as terrorism and espionage.
-
E.
SS Security Service (SD)
The SS Security Service (SD) was Nazi Germany’s intelligence and security agency of the SS, responsible for surveillance, repression, and ideological control within the Third Reich and occupied territories.
- F. None of above. chosen
Statements (47)
| Predicate | Object |
|---|---|
| instanceOf |
IPsec component
ⓘ
network security database ⓘ |
| actionType |
BYPASS
ⓘ
DISCARD ⓘ PROTECT ⓘ |
| alsoKnownAs | SPD ⓘ |
| belongsToProtocolSuite | IPsec ⓘ |
| canBeConfiguredVia |
IPsec policy management utilities
ⓘ
operating system security tools ⓘ |
| contains |
IPsec usage requirements
ⓘ
policy entries ⓘ processing actions ⓘ security policies ⓘ selectors ⓘ |
| controls | application of IPsec protection to packets ⓘ |
| definedIn | IPsec architecture ⓘ |
| determines | whether a Security Association is required ⓘ |
| ensures | consistent application of IPsec policies ⓘ |
| evaluatedBy |
inbound packet processing
ⓘ
outbound packet processing ⓘ |
| goal | control protection of network traffic based on defined rules ⓘ |
| managedBy | system administrator ⓘ |
| mapsTo | Security Associations in the Security Association Database ⓘ |
| operatesAtLayer | network layer ⓘ |
| policyDecisionPointFor | IPsec packet handling ⓘ |
| policyEntryIncludes |
action to apply to matching traffic
ⓘ
destination IP address selectors ⓘ destination port selectors ⓘ direction of traffic ⓘ source IP address selectors ⓘ source port selectors ⓘ upper-layer protocol selectors ⓘ |
| predecessorSpecification | RFC 2401 ⓘ |
| primaryFunction |
define security policies for IP traffic
ⓘ
determine whether traffic is protected, bypassed, or discarded ⓘ |
| relatedTo | Security Association Database ⓘ |
| scope |
per-host IPsec policies
ⓘ
per-interface IPsec policies ⓘ per-traffic-selector policies ⓘ |
| specifiedIn | RFC 4301 ⓘ |
| supports |
transport mode IPsec policies
ⓘ
tunnel mode IPsec policies ⓘ |
| usedBy |
IPsec implementation
ⓘ
IPsec key management subsystem ⓘ IPsec processing engine ⓘ |
| usedFor |
access control decisions on IP packets
ⓘ
traffic selection for IPsec processing ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: Security Policy Database Description of subject: The Security Policy Database is a core IPsec component that defines the rules and conditions under which network traffic must be protected, bypassed, or discarded.
Referenced by (2)
Full triples — surface form annotated when it differs from this entity's canonical label.