Fang: A Firewall Analysis Engine
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Managing Delegation in Access Control Models
ADCOM '07 Proceedings of the 15th International Conference on Advanced Computing and Communications
Hi-index | 0.00 |
Because of the growing complexity of networks and the difficult task of security policy enforcement, system administrators need simple and powerful security management tools. This paper presents a network security management tool that allows policy specification and administration of network security components such as firewall. The tool consists of four main modules. First module is considered the network repository of our toolkit. Through the second module the security policy is introduced and the necessary validation and verification is done by a policy engine. The third module is responsible for the translation of the high level security policy into an intermediate model level. Finally, the intermediate level is translated automatically into a vendor-specific security mechanism through the vendor specific compiler.