首页    期刊浏览 2024年12月01日 星期日
登录注册

文章基本信息

  • 标题:On the Correctness of Firewall Policy Deployment
  • 本地全文:下载
  • 作者:M. El Marraki, A. Kartit
  • 期刊名称:Journal of Theoretical and Applied Information Technology
  • 印刷版ISSN:1992-8645
  • 电子版ISSN:1817-3195
  • 出版年度:2010
  • 卷号:19
  • 期号:01
  • 出版社:Journal of Theoretical and Applied
  • 摘要:

    Firewall policies can contain several thousand rules due to the large size and complex structure of modern networks. The size and complexity of these policies require automated tools providing a user-friendly environment to specify, configure and safely deploy a target policy. In this paper, we show that naïve deployment approaches can easily create a temporary security hole by permitting illegal traffic or interrupt service by rejecting legal traffic during the deployment. We make some contributions to the correctness of firewall policy deployments and we show that the category of type I policy editing is wrong and could lead to security vulnerabilities. We then provide a correct algorithm for publishing political class type I. Our algorithm can be used even for the deployment of policies whose size is very important.

  • 关键词:Policy Deployment (PD); Firewall Policy Management (FPM); Network Security (NS)
国家哲学社会科学文献中心版权所有