A Calculus for Distributed Firewall Specification and Verification

被引：0

作者：

Pene, Liviu ^{[1
]}

Adi, Kamel ^{[1
]}

机构：

[1] Univ Quebec Outaouais, Dept Comp Sci & Engn, LRSI Grp, Gatineau, PQ, Canada

来源：

NEW TRENDS IN SOFTWARE METHODOLOGIES, TOOLS AND TECHNIQUES | 2006年 / 147卷

关键词：

Security Policy; Mobile Ambients; Distributed Firewalls; Specification; Verification;

D O I：

暂无

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

This paper proposes a firewall specification calculus suited for expressing security policies implemented in distributed firewalls. Our syntax and semantics, inspired from the ambient calculus, allow the specification of filtering rules for both single and distributed configurations. We show how our calculus can be used to address the problem of conflict detection and how our approach facilitates the analysis of the effect that network topologies have on distributed firewall policies.

引用

页码：301 / 315

页数：15

共 19 条

[1] ADI K, 2005, P WORKSH PRACT THEOR, P29
[2] AISHAER ES, 2004, INFOCOM 04, P2605
[3] Firmato:: A novel firewall management toolkit
Bartal, Y
Mayer, A
Nissim, K
Wool, A
[J]. PROCEEDINGS OF THE 1999 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, 1999, : 17 - 31
[4] BELLOVIN SM, 1999, LOGIN, V24, P39
[5] Burns J, 2001, DISCEX'01: DARPA INFORMATION SURVIVABILITY CONFERENCE & EXPOSITION II, VOL II, PROCEEDINGS, P12, DOI 10.1109/DISCEX.2001.932156
[6] CARDELLI L, 1999, S PRINC PROGR LANG, P79
[7] CARDELLI L, 1998, FDN SOFTWARE SCI COM
[8] Degano P, 2000, LECT NOTES COMPUT SC, V1961, P199
[9] FERRARI G, 2002, GUARDIANS AMBIENT BA
[10] Gordon AD, 1999, LECT NOTES COMPUT SC, V1578, P212

← 1 2 →