2015 11th International Conference on Network and Service Management (CNSM) (2015)
Nov. 9, 2015 to Nov. 13, 2015
Cornelius Diekmann , Technische Universität München
Andreas Korsten , Technische Universität München
Georg Carle , Technische Universität München
In network management, when it comes to security breaches, human error constitutes a dominant factor. We present our tool topoS which automatically synthesizes low-level network configurations from high-level security goals. The automation and a feedback loop help to prevent human errors. Except for a last serialization step, topoS is formally verified with Isabelle/HOL, which prevents implementation errors. In a case study, we demonstrate topoS by example. For the first time, the complete transition from high-level security goals to both firewall and SDN configurations is presented.
Servers, Internet, Access control, Manuals, Communication networks, Protocols
C. Diekmann, A. Korsten and G. Carle, "Demonstrating topoS: Theorem-prover-based synthesis of secure network configurations," 2015 11th International Conference on Network and Service Management (CNSM), Barcelona, Spain, 2015, pp. 366-371.