DocumentCode :
3115380
Title :
Protocol decode based stateful firewall policy definition language
Author :
Parmar, Pankaj N. ; Rajagopal, Priya ; Sahita, Ravi
Author_Institution :
Intel Corp., Santa Clara, CA, USA
fYear :
2004
fDate :
7-9 June 2004
Firstpage :
201
Lastpage :
204
Abstract :
The policies for thwarting attacks on systems vary greatly in complexity, ranging from simple static firewall rules to complex stateful protocol state machine analysis. As intrusion detection systems are getting integrated into firewall solutions, there is a need for a language that can define both firewall policies and system intrusion behavior and exhibit inter-operable traits. This paper presents an XML based, self-documenting State-Aware Firewall Language (SAFire) that is designed to express the various kind of firewall and intrusion behavior.
Keywords :
XML; authorisation; protocols; specification languages; XML; intrusion detection systems; protocol decoding; self-documenting State-Aware Firewall Language; stateful firewall policy definition language; stateful protocol state machine analysis; static firewall rules; system intrusion behavior; Access control; Decoding; Filters; Intrusion detection; Payloads; Performance analysis; Security; Specification languages; Transport protocols; XML;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Policies for Distributed Systems and Networks, 2004. POLICY 2004. Proceedings. Fifth IEEE International Workshop on
Print_ISBN :
0-7695-2141-X
Type :
conf
DOI :
10.1109/POLICY.2004.1309169
Filename :
1309169
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3115380
بازگشت