Complete analysis of configuration rules to guarantee reliable network security policies

Joaquin G. Alfaro; Nora Boulahia-Cuppens; Frederic Cuppens

doi:10.1007/s10207-007-0045-7

Complete analysis of configuration rules to guarantee reliable network security policies

Joaquin G. Alfaro
, Nora Boulahia-Cuppens
, Frederic Cuppens

Research output: Contribution to journal › Article › peer-review

Abstract

The use of different network security components, such as firewalls and network intrusion detection systems (NIDSs), is the dominant method to monitor and guarantee the security policy in current corporate networks. To properly configure these components, it is necessary to use several sets of security rules. Nevertheless, the existence of anomalies between those rules, particularly in distributed multi-component scenarios, is very likely to degrade the network security policy. The discovery and removal of these anomalies is a serious and complex problem to solve. In this paper, we present a complete set of mechanisms for such a management.

Original language	English
Pages (from-to)	103-122
Number of pages	20
Journal	International Journal of Information Security
Volume	7
Issue number	2
DOIs	https://doi.org/10.1007/s10207-007-0045-7
Publication status	Published - 1 Apr 2008
Externally published	Yes

Keywords

Firewalls
Intrusion detection systems
Network security
Policy anomalies

Access to Document

10.1007/s10207-007-0045-7

Cite this

@article{0946caf72fd6412a9667847f8a5a9001,

title = "Complete analysis of configuration rules to guarantee reliable network security policies",

abstract = "The use of different network security components, such as firewalls and network intrusion detection systems (NIDSs), is the dominant method to monitor and guarantee the security policy in current corporate networks. To properly configure these components, it is necessary to use several sets of security rules. Nevertheless, the existence of anomalies between those rules, particularly in distributed multi-component scenarios, is very likely to degrade the network security policy. The discovery and removal of these anomalies is a serious and complex problem to solve. In this paper, we present a complete set of mechanisms for such a management.",

keywords = "Firewalls, Intrusion detection systems, Network security, Policy anomalies",

author = "Alfaro, \{Joaquin G.\} and Nora Boulahia-Cuppens and Frederic Cuppens",

year = "2008",

month = apr,

day = "1",

doi = "10.1007/s10207-007-0045-7",

language = "English",

volume = "7",

pages = "103--122",

journal = "International Journal of Information Security",

issn = "1615-5262",

number = "2",

}

TY - JOUR

T1 - Complete analysis of configuration rules to guarantee reliable network security policies

AU - Alfaro, Joaquin G.

AU - Boulahia-Cuppens, Nora

AU - Cuppens, Frederic

PY - 2008/4/1

Y1 - 2008/4/1

N2 - The use of different network security components, such as firewalls and network intrusion detection systems (NIDSs), is the dominant method to monitor and guarantee the security policy in current corporate networks. To properly configure these components, it is necessary to use several sets of security rules. Nevertheless, the existence of anomalies between those rules, particularly in distributed multi-component scenarios, is very likely to degrade the network security policy. The discovery and removal of these anomalies is a serious and complex problem to solve. In this paper, we present a complete set of mechanisms for such a management.

AB - The use of different network security components, such as firewalls and network intrusion detection systems (NIDSs), is the dominant method to monitor and guarantee the security policy in current corporate networks. To properly configure these components, it is necessary to use several sets of security rules. Nevertheless, the existence of anomalies between those rules, particularly in distributed multi-component scenarios, is very likely to degrade the network security policy. The discovery and removal of these anomalies is a serious and complex problem to solve. In this paper, we present a complete set of mechanisms for such a management.

KW - Firewalls

KW - Intrusion detection systems

KW - Network security

KW - Policy anomalies

U2 - 10.1007/s10207-007-0045-7

DO - 10.1007/s10207-007-0045-7

M3 - Article

AN - SCOPUS:41849107232

SN - 1615-5262

VL - 7

SP - 103

EP - 122

JO - International Journal of Information Security

JF - International Journal of Information Security

IS - 2

ER -

Complete analysis of configuration rules to guarantee reliable network security policies

Abstract

Keywords

Access to Document

Fingerprint

Cite this