  • DocumentCode
    3244640
  • Title
    Automatic Conflict Analysis and Resolution of Traffic Filtering Policy for Firewall and Security Gateway
  • Author
    Ferraresi, S.; Pesic, S.; Trazza, L.; Baiocchi, Andrea
  • Author_Institution
    ELSAG S.p.A., Rome
  • fYear
    2007
  • fDate
    24-28 June 2007
  • Firstpage
    1304
  • Lastpage
    1310
  • Abstract
    Firewalls and Security Gateways are core elements in network security infrastructure. As networks and services become more complex, managing access-list rules becomes an error-prone task. Conflicts in a policy can cause holes in security, and can often be hard to find while performing only visual or manual inspection. First, we have defined a methodology to systematically classify the severity of rule conflicts; secondly, we have proposed two different solutions to automatically resolve conflicts in a firewall. For one of them we found an algebraic proof of the existence of the solution and the convergence of the algorithm, and then we have made a software implementation to test it.
  • Keywords
    authorisation; computer network management; internetworking; telecommunication security; telecommunication traffic; automatic conflict analysis; conflict resolution; firewall; network security; security gateway; traffic filtering policy; Communication system security; Communications Society; Data security; Electronic mail; Filtering; Inspection; Object oriented modeling; Protocols; Software algorithms; Software testing
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Communications, 2007. ICC '07. IEEE International Conference on
  • Conference_Location
    Glasgow
  • Print_ISBN
    1-4244-0353-7
  • Type
    conf
  • DOI
    10.1109/ICC.2007.220
  • Filename
    4288891