A Formal Model for Network-Wide Security Analysis

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Petr Matou?ek Articles by Jaroslav R? Articles by Ondrej Ry?avy Articles by Miroslav Sv?da

15th Annual IEEE International Conference and Workshop on the Engineering of Computer Based Systems (ecbs 2008)

March 31-April 04

ISBN: 978-0-7695-3141-0

	ASCII Text	x
	Petr Matou?ek, Jaroslav R?, Ondrej Ry?avy, Miroslav Sv?da, "A Formal Model for Network-Wide Security Analysis," Engineering of Computer-Based Systems, IEEE International Conference on the, pp. 171-181, 15th Annual IEEE International Conference and Workshop on the Engineering of Computer Based Systems (ecbs 2008), 2008.

	BibTex	x
	@article{ 10.1109/ECBS.2008.13, author = {Petr Matou?ek and Jaroslav R? and Ondrej Ry?avy and Miroslav Sv?da}, title = {A Formal Model for Network-Wide Security Analysis}, journal ={Engineering of Computer-Based Systems, IEEE International Conference on the}, volume = {0}, year = {2008}, isbn = {978-0-7695-3141-0}, pages = {171-181}, doi = {http://doi.ieeecomputersociety.org/10.1109/ECBS.2008.13}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Engineering of Computer-Based Systems, IEEE International Conference on the TI - A Formal Model for Network-Wide Security Analysis SN - 978-0-7695-3141-0 SP171 EP181 A1 - Petr Matou?ek, A1 - Jaroslav R?, A1 - Ondrej Ry?avy, A1 - Miroslav Sv?da, PY - 2008 KW - network security KW - netowrk design KW - dynamic routing protocols KW - formal verification KW - packet filters VL - 0 JA - Engineering of Computer-Based Systems, IEEE International Conference on the ER -

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ECBS.2008.13

Network designers perform challenging tasks with so many configuration options that it is often hard or even impossible for a human to predict all potentially dangerous situations. In this paper, we introduce a formal method approach for verification of security constraints on networks with dynamic routing protocols in use. A unifying model based on packet-filters is employed for modelling of network behaviour. Over this graph model augmented with filtering rules over edges verification of reachability properties can be made. In our approach we also consider topology changes caused by dynamic routing protocols.

Index Terms:

network security, netowrk design, dynamic routing protocols, formal verification, packet filters

Citation:

Petr Matou?ek, Jaroslav R?, Ondrej Ry?avy, Miroslav Sv?da, "A Formal Model for Network-Wide Security Analysis," ecbs, pp.171-181, 15th Annual IEEE International Conference and Workshop on the Engineering of Computer Based Systems (ecbs 2008), 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.