Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
Management and Translation of Filtering Security Policies
 

Summary: Management and Translation of Filtering
Security Policies
Ehab S. Al-Shaer and Hazem H. Hamed
Multimedia Networking Research Laboratory
School of Computer Science, Telecommunications and Information Systems
DePaul University, Chicago, USA
Email: {ehab, hhamed}@cs.depaul.edu
Abstract-- Firewalls are essential elements for security pol-
icy enforcement in modern networks. However, managing a
filtering security policy, especially for enterprise networks, has
become complex and error-prone. Filtering rules have to be
carefully written and organized in order to correctly implement
the security policy and avoid policy anomalies. In this paper,
we present a set of techniques and algorithms that provide
(1) automatic anomaly discovery for rule conflicts and potential
problems in legacy firewalls, (2) anomaly-free policy editing
for rule insertion, modification and removal, and (3) concise
translation of filtering rules to high-level textual description for
user visualization and verification. These techniques significantly
simplify the management of any generic firewall policy written

  

Source: Al-Shaer, Ehab - School of Computer Science, Telecommunications and Information Systems, DePaul University

 

Collections: Computer Technologies and Information Sciences