DocumentCode :
2953290
Title :
Policy-Based Parametric Firewall Configuration: A Real-Case Application
Author :
Marchi, Massimo ; Penzo, Romeo ; Provetti, Alessandro
Author_Institution :
Univ. di Milano, Milano
fYear :
2007
fDate :
13-15 June 2007
Firstpage :
276
Lastpage :
276
Abstract :
We describe a simple policy language for setting up and running firewalls (FW). The language allows to describe sophisticated policies for controlling network connections. Composition is done at set-up time, when a parser, starting from a given policy, generates the relative configuration file for one or more firewalls operating the industry-standard Linux Iptables kernel extension. The policy captures the essence of the desired requirements and constrains upon connections between zones. The language has been designed and it is currently on testing in the context of a large intra/extranet with more than 10,000 assigned IP addresses.
Keywords :
Linux; authorisation; IP addresses; industry-standard Linux Iptables kernel extension; network connections. controlling; policy language; policy-based parametric firewall configuration; sophisticated policies; Extranets; Kernel; Linux; Logic programming; Mirrors; Network servers; Page description languages; Spine; Testing; Writing;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Policies for Distributed Systems and Networks, 2007. POLICY '07. Eighth IEEE International Workshop on
Conference_Location :
Bologna
Print_ISBN :
0-7695-2767-1
Type :
conf
DOI :
10.1109/POLICY.2007.34
Filename :
4262602
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2953290
بازگشت