Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
Specifications of A High-level Conflict-Free Firewall Policy Language for Multi-domain Networks
 

Summary: Specifications of A High-level Conflict-Free Firewall Policy
Language for Multi-domain Networks
Bin Zhang, Ehab Al-Shaer, Radha Jagadeesan, James Riely, Corin Pitcher
School of Computer Science, Telecommunications and Information Systems
DePaul University,
{bzhang, ehab, rjagadeesan, jriely, cpitcher}@cs.depaul.edu
ABSTRACT
Multiple firewalls typically cooperate to provide security
properties for a network, despite the fact that these fire-
walls are often spatially distributed and configured in isola-
tion. Without a global view of the network configuration,
such a system is ripe for misconfiguration, causing conflicts
and major security vulnerabilities.
We propose FLIP, a high-level firewall configuration pol-
icy language for traffic access control, to enforce security
and ensure seamless configuration management. In FLIP,
firewall security policies are defined as high-level service-
oriented goals, which can be translated automatically into
access control rules to be distributed to appropriate enforce-
ment devices. FLIP guarantees that the rules generated will

  

Source: Al-Shaer, Ehab - School of Computer Science, Telecommunications and Information Systems, DePaul University

 

Collections: Computer Technologies and Information Sciences