期刊名称:International Journal of Innovative Research in Computer and Communication Engineering
印刷版ISSN:2320-9798
电子版ISSN:2320-9801
出版年度:2014
卷号:2
期号:12
出版社:S&S Publications
摘要:Firewalls have become the most essential part that is deployed on the Internet for protecting the privatenetworks. Optimizing firewall rules is very critical for enhancing the performance of a network. The early work onfirewall optimization focuses on either intra-firewall or inter-firewall optimization within one administrative domainwhere the privacy of firewall policies is not a concern. The main technical challenge to focused on is that firewallpolicies cannot be disclosed across domains because a firewall policy contains secret information and even potentialsecurity holes, which can be easily utilized by attackers. Proposed work involves first the protocol for preservingfirewall policies and optimizing them. Particularly, for any two adjacent firewalls that belongs to two differentadministrative domains, this protocol can identify the rules in each firewall that can be removed because of the otherfirewall. This process of optimization involves computation between the two firewalls without any party disclosingtheir policies to the other. The communication cost is reduced by the optimization process. This protocol sustains noextra online packet processing overhead, and also the offline processing time is less
关键词:Firewall optimization; Privacy; Redundancy; Security; IP Networks
