DocumentCode :
2107821
Title :
A Hierarchical Model for Firewall Policy Extraction
Author :
Horowitz, Eduardo ; Lamb, Luis C.
Author_Institution :
Inst. of Inf., Fed. Univ. of Rio Grande do Sul, Porto Alegre
fYear :
2009
fDate :
26-29 May 2009
Firstpage :
691
Lastpage :
698
Abstract :
Firewalls are one of the most widely used mechanisms against security threats in distributed andnetwork systems.However, principled methodologies for firewall extraction policies have been scarcely investigated so far.We introduce a new model for translating low level firewall rules into higher abstraction level rules which allow for the inference of firewall policies. In order to do so, we introduced a new methodology based on rules´ decorrelation algorithms that compute hierarchical firewall policies from lower level firewall rules. Further, we define a new effective model for the explicit extraction of blacklisted and whitelisted hosts and networks.
Keywords :
authorisation; decorrelation algorithms; distributed systems; firewall policy extraction; higher abstraction level rules; network systems; Access control; Data mining; Decorrelation; Erbium; Frequency; Inference algorithms; Informatics; Operating systems; Security; Wool; Firewall Extraction Policies; Firewalls; Foundations of Computer Security;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Advanced Information Networking and Applications, 2009. AINA '09. International Conference on
Conference_Location :
Bradford
ISSN :
1550-445X
Print_ISBN :
978-1-4244-4000-9
Electronic_ISBN :
1550-445X
Type :
conf
DOI :
10.1109/AINA.2009.116
Filename :
5076266
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2107821
بازگشت