A Formal Approach to Verify Completeness and Detect Anomalies in Firewall Security Policies

TitreA Formal Approach to Verify Completeness and Detect Anomalies in Firewall Security Policies
Publication TypeConference Paper
Year of Publication2015
AuthorsKhoumsi, A, Krombi, W, Erradi, M
EditorCuppens, F, GarciaAlfaro, J, Heywood, NZ, Fong, PWL
Conference NameFOUNDATIONS AND PRACTICE OF SECURITY (FPS 2014)
ISBN Number978-3-319-17040-4; 978-3-319-17039-8
Abstract

Security policies are a relevant solution to protect information systems from undue accesses. In this paper, we develop a formal and rigorous automata-based approach to design and analyze security policies. The interest of our approach is that it can be used as a common basis for analyzing several aspects of security policies, instead of using a distinct approach and formalism for studying each aspect. We first develop a procedure that synthesizes automatically an automaton which implements a given security policy. Then, we apply this synthesis procedure to verify completeness of security policies and detect several types of anomalies in security policies. We also study space and time complexities of the developed procedures.

DOI10.1007/978-3-319-17040-4\_14
Revues: 

Partenaires

Localisation


Location map

Suivez-nous sur

  

Contactez-nous

ENSIAS

Avenue Mohammed Ben Abdallah Regragui, Madinat Al Irfane, BP 713, Agdal Rabat, Maroc

Résultat de recherche d'images pour "icone fax" Télécopie : (+212) 5 37 77 72 30

    Compteur de visiteurs:329,007
    Education - This is a contributing Drupal Theme
    Design by WeebPal.