  • DocumentCode
    446742
  • Title
    Algorithms for verifying firewall and router access lists
  • Author
    Hassan, A.A.
  • Author_Institution
    Dept. of Comput. Sci. & Eng., Slovak Univ. of Technol., Bratislava, Slovakia
  • Volume
    1
  • fYear
    2003
  • fDate
    27-30 Dec. 2003
  • Firstpage
    512
  • Abstract
    Security in computer networks is a very complex task with various requirements. The network security policy that describes these security requirements is primarily presented in a high-level form. Also, the security policy is enforced using some low-level security mechanisms, mainly firewall technology. This paper presents a new algorithm for verifying the equivalence between the high-level security policy and the corresponding low-level firewall rule-base. This verification ensures that there is no security hole. Also, it ensures that there is no missed low-level rule which may lead to unstable and unconvinced usage of the network.
  • Keywords
    access control; authorisation; computer networks; telecommunication security; computer network security; firewall technology; high-level security policy; low-level firewall rule-base; low-level security mechanism; network security policy; router access list; Access control; Computer networks; Computer science; Computer security; Data security; Electronic mail; Matrix converters; Network servers; Protocols
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Circuits and Systems, 2003 IEEE 46th Midwest Symposium on
  • ISSN
    1548-3746
  • Print_ISBN
    0-7803-8294-3
  • Type
    conf
  • DOI
    10.1109/MWSCAS.2003.1562330
  • Filename
    1562330