CSP-Based Firewall Rule Set Diagnosis using Security Policies

A
ARES
2007
The Second International Conference on Availability, Reliability and Security (ARES'07)
Abstract - CSP-Based Firewall Rule Set Diagnosis using Security Policies

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by S. Pozo Articles by R. Ceballos Articles by R. M. Gasca

The Second International Conference on Availability, Reliability and Security (ARES'07)

Vienna, Austria

April 10-April 13

ISBN: 0-7695-2775-2

	ASCII Text	x
	S. Pozo, R. Ceballos, R. M. Gasca, "CSP-Based Firewall Rule Set Diagnosis using Security Policies," Availability, Reliability and Security, International Conference on, pp. 723-729, The Second International Conference on Availability, Reliability and Security (ARES'07), 2007.

	BibTex	x
	@article{ 10.1109/ARES.2007.63, author = {S. Pozo and R. Ceballos and R. M. Gasca}, title = {CSP-Based Firewall Rule Set Diagnosis using Security Policies}, journal ={Availability, Reliability and Security, International Conference on}, volume = {0}, year = {2007}, isbn = {0-7695-2775-2}, pages = {723-729}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2007.63}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Availability, Reliability and Security, International Conference on TI - CSP-Based Firewall Rule Set Diagnosis using Security Policies SN - 0-7695-2775-2 SP723 EP729 A1 - S. Pozo, A1 - R. Ceballos, A1 - R. M. Gasca, PY - 2007 KW - null VL - 0 JA - Availability, Reliability and Security, International Conference on ER -

S. Pozo, University of Seville, Spain

R. Ceballos, University of Seville, Spain

R. M. Gasca, University of Seville, Spain

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ARES.2007.63

The most important part of a firewall configuration process is the implementation of a security policy by a security administrator. However, this security policy is not designed by higher levels of the organisation, nor is written anywhere, so it is very usual to make mistakes in its implementation. To solve this problem we propose to express this global access control policy in some informal language that is translated to a model specification in conjunction with the firewall rule set. Then we construct a Constraint Satisfaction Problem to detect and identify the possible inconsistencies between the specified policy and the firewall rule set.

Citation:

S. Pozo, R. Ceballos, R. M. Gasca, "CSP-Based Firewall Rule Set Diagnosis using Security Policies," ares, pp.723-729, The Second International Conference on Availability, Reliability and Security (ARES'07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.