Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
Taxonomy of Conflicts in Network Security Policies Hazem Hamed and Ehab Al-Shaer
 

Summary: 1
Taxonomy of Conflicts in Network Security Policies
Hazem Hamed and Ehab Al-Shaer
School of Computer Science, Telecommunications and Information Systems
DePaul University, Chicago, USA
Abstract-- Network security polices are essential elements in
Internet security devices that provide traffic filtering, integrity,
confidentiality and authentication. Network security perimeter
devices such as firewalls, IPSec and IDS/IPS devices operate
based on locally configured policies. However, configuring network
security policies remains a complex and error-prone task due
to the rule-dependency semantics, and the interaction between
policies in the network. This complexity is likely to increase as
the network size increases. A successful deployment of a network
security system requires global analysis of policy configurations of
all network security devices in order to avoid policy conflicts and
inconsistency. Policy conflicts may cause serious security breaches
and network vulnerability such as blocking legitimate traffic,
permitting unwanted traffic, and insecure data transmission.
This paper presents a comprehensive classification of security

  

Source: Al-Shaer, Ehab - School of Computer Science, Telecommunications and Information Systems, DePaul University

 

Collections: Computer Technologies and Information Sciences