Gawanmeh, Amjad and Tahar, Sofiène (2012) Domain Restriction Based Formal Model for Firewall Configurations. International Journal for Information Security Research, 2 (1/2). pp. 294-302.
Text (application/pdf): IJISR-2012.pdf (148kB) - Accepted Version
Official URL: http://www.infonomics-society.org/IJISR/Home.htm
Abstract
Firewalls are widely adopted for protecting private networks by filtering out undesired network traffic in and out of secured networks. Therefore, they play an important role in the security of communication systems. The verification of firewalls is a great challenge because of the dynamic characteristics of their operation, because their configuration is highly error prone, and finally, because they are considered the first defense to secure networks against attacks and unauthorized access. In this paper, we present a formal model for firewall rulebases using the domain restriction method, and based on this model, a novel algorithm for detecting and identifying conflicts in firewall rulebases. The algorithm is based on calculating the conflict set of firewall configurations using the domain restriction. The domain restriction method is implemented using Event-B formal techniques, where we model firewall configuration rules, and then use invariant checking to verify the consistency of firewall configurations.
| Divisions: | Concordia University > Gina Cody School of Engineering and Computer Science > Electrical and Computer Engineering |
|---|---|
| Item Type: | Article |
| Refereed: | Yes |
| Authors: | Gawanmeh, Amjad and Tahar, Sofiène |
| Journal or Publication: | International Journal for Information Security Research |
| Date: | 2012 |
| ID Code: | 977359 |
| Deposited By: | Danielle Dennie |
| Deposited On: | 14 Jun 2013 13:19 |
| Last Modified: | 18 Jan 2018 17:44 |