{"title":"基于图的服务防火墙规则分析方法","authors":"S. Pipattanasakul, Y. Permpoontanalarp","doi":"10.1109/ISCIT.2008.4700210","DOIUrl":null,"url":null,"abstract":"Configuring firewalls is a difficult task. The reason is that the effects of firewall rules cannot be seen during the configuration time. As a result, errors and loopholes in firewall rules are discovered only at the run time and they often cause attacks. In this paper, we develop a graph-based method for analyzing firewall rules with services. Our new model provides advantages over all existing methods in that it can compute effects of firewall rules at multiple firewalls in an intuitive and efficient way. In addition, it offers a new rule analysis called rule tracking.","PeriodicalId":215340,"journal":{"name":"2008 International Symposium on Communications and Information Technologies","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-12-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A Graph-based Methodology for Analyzing Firewall Rules with Services\",\"authors\":\"S. Pipattanasakul, Y. Permpoontanalarp\",\"doi\":\"10.1109/ISCIT.2008.4700210\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Configuring firewalls is a difficult task. The reason is that the effects of firewall rules cannot be seen during the configuration time. As a result, errors and loopholes in firewall rules are discovered only at the run time and they often cause attacks. In this paper, we develop a graph-based method for analyzing firewall rules with services. Our new model provides advantages over all existing methods in that it can compute effects of firewall rules at multiple firewalls in an intuitive and efficient way. In addition, it offers a new rule analysis called rule tracking.\",\"PeriodicalId\":215340,\"journal\":{\"name\":\"2008 International Symposium on Communications and Information Technologies\",\"volume\":\"7 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-12-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 International Symposium on Communications and Information Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISCIT.2008.4700210\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 International Symposium on Communications and Information Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCIT.2008.4700210","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Graph-based Methodology for Analyzing Firewall Rules with Services
Configuring firewalls is a difficult task. The reason is that the effects of firewall rules cannot be seen during the configuration time. As a result, errors and loopholes in firewall rules are discovered only at the run time and they often cause attacks. In this paper, we develop a graph-based method for analyzing firewall rules with services. Our new model provides advantages over all existing methods in that it can compute effects of firewall rules at multiple firewalls in an intuitive and efficient way. In addition, it offers a new rule analysis called rule tracking.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
