A Flexible Policy-Based Firewall Management Framework

Author

Jin-hua, Wu ; Xiao-su, Chen ; Yi-zhu, Zhao ; Jun, Ni

Author_Institution

Sch. of Comput. Sci. & Technol., Huazhong Univ. of Sci. & Technol., Wuhan

fYear

2008

fDate

22-24 Sept. 2008

Firstpage

192

Lastpage

194

Abstract

Firewalls are important elements in today´s network security. This paper presents a flexible policy-based firewall management framework. The framework provides policy-based management to manage different types of firewalls, such as packet filter firewall, application layer firewall. It is important to know whether the firewall policy configuration and enforcement is correct. We believe that there is a need to verify firewall configurations before and after they are deployed. Our framework uses a analyze tool to discover inconsistency before policies are deployed, the tool is based on formal specification and analysis of policy rule relations. Our framework also provides an automated mechanism for validating firewall policy enforcement after they are deployed.

Keywords

authorisation; computer network management; formal specification; telecommunication security; application layer firewall; firewall policy configuration; firewall policy enforcement; flexible policy-based firewall management; formal specification; network security; packet filter firewall; policy rule relations; Application software; Computer network management; Computer science; Computer security; Conference management; Filtering; Filters; Formal specifications; Technology management; Testing; policy enforcement validation; policy inconsistency; policy-based management;

fLanguage

English

Publisher

ieee

Conference_Titel

Cyberworlds, 2008 International Conference on

Conference_Location

Hangzhou

Print_ISBN

978-0-7695-3381-0

Type

conf

DOI

10.1109/CW.2008.134

Filename

4741299