Abstract | ||
---|---|---|
As a traditional technique of information security, distributed firewall has taken very important position, while problems remain. Correct configuration of distributed firewall policies and keeping individual firewall filter decisions compatible to each other are quite inconvenient for administrators. To realize the comparison between firewalls' policies, this paper provide FPT(firewall policy tree) model, and the construction algorithm which can turn a firewall policy into a policy tree, as well as the comparison algorithm. Combination of the two algorithms can be used to perform a comparison between distributed firewalls' policies. By doing this, the paper can obtain the set of data packages on which different firewalls have made inconsistent filter decision, and find out the inconsistency in distributed firewall policies. Besides, this model could be extended to package classification systems for policies comparison. |
Year | DOI | Venue |
---|---|---|
2006 | 10.1007/11816171_67 | ICIC |
Keywords | Field | DocType |
comparison model,classification system,inconsistent filter decision,individual firewall filter decision,comparison algorithm,policies comparison,different firewalls,firewall policy tree,construction algorithm,policy tree,firewall policy,information security | Firewall (construction),Computer science,Tree (data structure),Algorithm,Application firewall,Context-based access control,Distributed algorithm,Security policy,Intrusion detection system,Distributed firewall,Distributed computing | Conference |
Volume | ISSN | ISBN |
4114 | 0302-9743 | 3-540-37274-1 |
Citations | PageRank | References |
0 | 0.34 | 12 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Weiping Wang | 1 | 0 | 0.34 |
Wenhui Chen | 2 | 0 | 0.34 |
Zhepeng Li | 3 | 17 | 2.29 |
Huaping Chen | 4 | 265 | 12.92 |