Security Policies Tuning Among IP Devices

Authors:
Simone Ferraresi;Emanuele Francocci;Alessio Quaglini;Francesco Picasso
Affiliations:
ELSAGDATAMAT, V. Laurentina, 760 - 00143 Roma, Italy;INFOCOM Dept.- Sapienza Università di Roma, Via Eudossiana, 18 - 00184 Roma, Italy;INFOCOM Dept.- Sapienza Università di Roma, Via Eudossiana, 18 - 00184 Roma, Italy;DIBE Dept.- Univ. of Genova, Via All'Opera Pia 11a - 16145 Genova, Italy
Venue:
KES '07 Knowledge-Based Intelligent Information and Engineering Systems and the XVII Italian Workshop on Neural Networks on Proceedings of the 11th International Conference
Year:
2007

Citing 3
Cited 0

Firewalls and Internet security: repelling the wily hacker

Firewalls and Internet security: repelling the wily hacker
Implementing a distributed firewall

Proceedings of the 7th ACM conference on Computer and communications security
Internet Firewalls and Network Security

Internet Firewalls and Network Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Packet filtering is a core operation in network security management. As networks and services become more complex, managing access-list rules becomes an error-prone task. Conflicts among policies can cause holes in security and prevent the load optimization in the network. Here we propose an algorithm to automatically tune up the configurations of IP level security devices. Our aim is to keep the external behaviour (end-to-end) unchanged, while removing distributed inconsistencies all over the network. The algorithm is described in full details and results of the software implementation are shown.