On the Safety and Efficiency of Firewall Policy Deployment

2007 IEEE Symposium on Security and Privacy (SP '07) Pub Date : 2007-05-20 DOI:10.1109/SP.2007.32

Charles C. Zhang, M. Winslett, Carl A. Gunter

{"title":"On the Safety and Efficiency of Firewall Policy Deployment","authors":"Charles C. Zhang, M. Winslett, Carl A. Gunter","doi":"10.1109/SP.2007.32","DOIUrl":null,"url":null,"abstract":"Firewall policy management is challenging and error-prone. While ample research has led to tools for policy specification, correctness analysis, and optimization, few researchers have paid attention to firewall policy deployment: the process where a management tool edits a firewall's configuration to make it run the policies specified in the tool. In this paper, we provide the first formal definition and theoretical analysis of safety in firewall policy deployment. We show that naive deployment approaches can easily create a temporary security hole by permitting illegal traffic, or interrupt service by rejecting legal traffic during the deployment. We define safe and most-efficient deployments, and introduce the shuffling theorem as a formal basis for constructing deployment algorithms and proving their safety. We present efficient algorithms for constructing most-efficient deployments in popular policy editing languages. We show that in certain widely- installed policy editing languages, a safe deployment is not always possible. We also show how to leverage existing diff algorithms to guarantee a safe, most- efficient, and monotonic deployment in other editing languages.","PeriodicalId":131863,"journal":{"name":"2007 IEEE Symposium on Security and Privacy (SP '07)","volume":"120 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"51","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 IEEE Symposium on Security and Privacy (SP '07)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SP.2007.32","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 51

Abstract

Firewall policy management is challenging and error-prone. While ample research has led to tools for policy specification, correctness analysis, and optimization, few researchers have paid attention to firewall policy deployment: the process where a management tool edits a firewall's configuration to make it run the policies specified in the tool. In this paper, we provide the first formal definition and theoretical analysis of safety in firewall policy deployment. We show that naive deployment approaches can easily create a temporary security hole by permitting illegal traffic, or interrupt service by rejecting legal traffic during the deployment. We define safe and most-efficient deployments, and introduce the shuffling theorem as a formal basis for constructing deployment algorithms and proving their safety. We present efficient algorithms for constructing most-efficient deployments in popular policy editing languages. We show that in certain widely- installed policy editing languages, a safe deployment is not always possible. We also show how to leverage existing diff algorithms to guarantee a safe, most- efficient, and monotonic deployment in other editing languages.

查看原文本刊更多论文

防火墙策略部署的安全性和有效性研究

防火墙策略管理具有挑战性且容易出错。虽然大量的研究已经产生了用于策略规范、正确性分析和优化的工具，但很少有研究人员关注防火墙策略部署:管理工具编辑防火墙配置以使其运行工具中指定的策略的过程。本文首次对防火墙策略部署中的安全性进行了形式化定义和理论分析。我们展示了朴素的部署方法很容易通过允许非法流量来创建临时的安全漏洞，或者在部署期间通过拒绝合法流量来中断服务。我们定义了安全和最有效的部署，并引入了洗牌定理作为构造部署算法和证明其安全性的形式化基础。我们提出了在流行的策略编辑语言中构造最有效部署的有效算法。我们表明，在某些广泛安装的策略编辑语言中，安全部署并不总是可能的。我们还展示了如何利用现有的diff算法来保证在其他编辑语言中进行安全、最有效和单调的部署。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2007 IEEE Symposium on Security and Privacy (SP '07)

自引率

0.00%

发文量