Filtering postures: local enforcement for global policies
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Fang: A Firewall Analysis Engine
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
FACE: A Firewall Analysis and Configuration Engine
SAINT '05 Proceedings of the The 2005 Symposium on Applications and the Internet
International Journal of Information Security
Specifications of a high-level conflict-free firewall policy language for multi-domain networks
Proceedings of the 12th ACM symposium on Access control models and technologies
Model-Based Development of firewall rule sets: Diagnosing model inconsistencies
Information and Software Technology
IEEE Transactions on Parallel and Distributed Systems
Automatic Enforcement of Security in Computer Networks
Proceedings of the 2007 conference on New Trends in Software Methodologies, Tools and Techniques: Proceedings of the sixth SoMeT_07
Formal Specification and Analysis of Firewalls
Proceedings of the 2009 conference on New Trends in Software Methodologies, Tools and Techniques: Proceedings of the Eighth SoMeT_09
Modeling and Management of Firewall Policies
IEEE Transactions on Network and Service Management
| Hi-index | 0.00 |
Firewalls are crucial elements in enforcing network security policies. They have been widely deployed for securing private networks but, their configuration remains complex and error prone. During the last years, many techniques and tools have been proposed to correctly configure firewalls. However, most of existing works are informal and do not take into account the global performance of the network or other qualities of its services (QoS). In this paper we introduce a formal approach allowing to formally and optimally configure a network so that a given security policy is respected and by taking into account the QoS.