The Community for Technology Leaders
2015 11th International Conference on Network and Service Management (CNSM) (2015)
Barcelona, Spain
Nov. 9, 2015 to Nov. 13, 2015
ISBN: 978-3-9018-8278-4
pp: 366-371
Cornelius Diekmann , Technische Universität München
Andreas Korsten , Technische Universität München
Georg Carle , Technische Universität München
ABSTRACT
In network management, when it comes to security breaches, human error constitutes a dominant factor. We present our tool topoS which automatically synthesizes low-level network configurations from high-level security goals. The automation and a feedback loop help to prevent human errors. Except for a last serialization step, topoS is formally verified with Isabelle/HOL, which prevents implementation errors. In a case study, we demonstrate topoS by example. For the first time, the complete transition from high-level security goals to both firewall and SDN configurations is presented.
INDEX TERMS
Servers, Internet, Access control, Manuals, Communication networks, Protocols
CITATION

C. Diekmann, A. Korsten and G. Carle, "Demonstrating topoS: Theorem-prover-based synthesis of secure network configurations," 2015 11th International Conference on Network and Service Management (CNSM), Barcelona, Spain, 2015, pp. 366-371.
doi:10.1109/CNSM.2015.7367384
90 ms
(Ver 3.3 (11022016))