A formal basis for the design and analysis of firewall security policies

TitreA formal basis for the design and analysis of firewall security policies
Publication TypeJournal Article
Year of Publication2018
AuthorsKhoumsi, A, Erradi, M, Krombi, W
JournalJournal of King Saud University - Computer and Information Sciences
Volume30
Pagination51-66
Abstract

A firewall is the core of a well defined network security policy. This paper presents an automata-based method to study firewall security policies. We first propose a procedure that synthesizes an automaton that describes a security policy given as a table of rules. The synthesis procedure is then used to develop procedures to detect: incompleteness, anomalies and discrepancies in security policies. A method is developed to represent the automaton by a policy qualified as mixable and that has practical utilities, such as ease to determine the whitelist and the blacklist of the policy. The developed procedures have been deeply evaluated in terms of time and space complexities. Then, a real case study has been investigated. The obtained results confirm that the developed procedures have reasonable complexities and that their actual execution times are of the order of seconds. Finally, proofs of all results are provided. © 2016 King Saud University

URLhttps://www.scopus.com/inward/record.uri?eid=2-s2.0-85008234846&doi=10.1016%2fj.jksuci.2016.11.008&partnerID=40&md5=07a25a70cda473802a697eff8dbb8dec
DOI10.1016/j.jksuci.2016.11.008
Revues: 

Partenaires

Localisation


Location map

Suivez-nous sur

  

Contactez-nous

ENSIAS

Avenue Mohammed Ben Abdallah Regragui, Madinat Al Irfane, BP 713, Agdal Rabat, Maroc

Résultat de recherche d'images pour "icone fax" Télécopie : (+212) 5 37 77 72 30

    Compteur de visiteurs:282,995
    Education - This is a contributing Drupal Theme
    Design by WeebPal.