Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Implementing a distributed firewall
Proceedings of the 7th ACM conference on Computer and communications security
FoSSaCS '98 Proceedings of the First International Conference on Foundations of Software Science and Computation Structure
Filtering postures: local enforcement for global policies
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Fang: A Firewall Analysis Engine
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Using ambients to control resources
International Journal of Information Security - Special issue on security in global computing
Architecting the Lumeta firewall analyzer
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Hi-index | 0.00 |
This paper proposes a firewall specification calculus suited for expressing security policies implemented in distributed firewalls. Our syntax and semantics, inspired from the ambient calculus, allow the specification of filtering rules for both single and distributed configurations. We show how our calculus can be used to address the problem of conflict detection and how our approach facilitates the analysis of the effect that network topologies have on distributed firewall policies.