Title :
A Flexible Policy-Based Firewall Management Framework
Author :
Jin-hua, Wu ; Xiao-su, Chen ; Yi-zhu, Zhao ; Jun, Ni
Author_Institution :
Sch. of Comput. Sci. & Technol., Huazhong Univ. of Sci. & Technol., Wuhan
Abstract :
Firewalls are important elements in today´s network security. This paper presents a flexible policy-based firewall management framework. The framework provides policy-based management to manage different types of firewalls, such as packet filter firewall, application layer firewall. It is important to know whether the firewall policy configuration and enforcement is correct. We believe that there is a need to verify firewall configurations before and after they are deployed. Our framework uses a analyze tool to discover inconsistency before policies are deployed, the tool is based on formal specification and analysis of policy rule relations. Our framework also provides an automated mechanism for validating firewall policy enforcement after they are deployed.
Keywords :
authorisation; computer network management; formal specification; telecommunication security; application layer firewall; firewall policy configuration; firewall policy enforcement; flexible policy-based firewall management; formal specification; network security; packet filter firewall; policy rule relations; Application software; Computer network management; Computer science; Computer security; Conference management; Filtering; Filters; Formal specifications; Technology management; Testing; policy enforcement validation; policy inconsistency; policy-based management;
Conference_Titel :
Cyberworlds, 2008 International Conference on
Conference_Location :
Hangzhou
Print_ISBN :
978-0-7695-3381-0
DOI :
10.1109/CW.2008.134
