DocumentCode :
395784
Title :
Management and translation of filtering security policies
Author :
Al-Shaer, Ehab S. ; Hamed, Hazem H.
Author_Institution :
Sch. of Comput. Sci., Telecommun. & Inf. Syst., DePaul Univ., Chicago, IL, USA
Volume :
1
fYear :
2003
fDate :
11-15 May 2003
Firstpage :
256
Abstract :
Firewalls are essential elements of security policy enforcement in modern networks. However, managing a filtering security policy, especially for enterprise networks, has become complex and error-prone. Filtering rules have to be carefully written and organized in order to correctly implement the security policy and avoid policy anomalies. In this paper, we present a set of techniques and algorithms that provide (1) automatic anomaly discovery for rule conflicts and potential problems in legacy firewalls, (2) anomaly-free policy editing for rule insertion, modification and removal, and (3) concise translation of filtering rules to high-level textual description for user visualization and verification. These techniques significantly simplify the management of any generic firewall policy written as filtering rules, while minimizing network vulnerability due to filtering policy misconfiguration.
Keywords :
authorisation; computer network management; information filters; anomaly-free policy editing; automatic anomaly discovery; filtering policy misconfiguration; filtering security policy; firewall; high-level textual description; management; network vulnerability minimization; policy anomaly avoidance; rule insertion; rule modification; translation; user verification; user visualization; Computer errors; Computer network management; Computer science; Computer security; Filtering algorithms; Information security; Laboratories; Management information systems; Multimedia systems; Visualization;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Communications, 2003. ICC '03. IEEE International Conference on
Print_ISBN :
0-7803-7802-4
Type :
conf
DOI :
10.1109/ICC.2003.1204180
Filename :
1204180