@inproceedings{3bd8f562646949e4954a12eac92afa0b,
title = "MIRAGE: A management tool for the analysis and deployment of network security policies",
abstract = "We present the core functionality of MIRAGE, a management tool for the analysis and deployment of configuration policies over network security components, such as firewalls, intrusion detection systems, and VPN routers. We review the two main functionalities embedded in our current prototype: (1) a bottom-up analysis of already deployed network security configurations and (2) a top-down refinement of global policies into network security component configurations. In both cases, MIRAGE provides intra-component analysis to detect inconsistencies in single component deployments; and inter-component analysis, to detect multi-component deployments which are not consistent. MIRAGE also manages the description of the security architecture topology, to guarantee the proper execution of all the processes.",
keywords = "Access control, Analysis of configurations, Network security, OrBAC, Policy refinement",
author = "Joaquin Garcia-Alfaro and Fr{\'e}d{\'e}ric Cuppens and Nora Cuppens-Boulahia and Stere Preda",
year = "2011",
month = jan,
day = "1",
doi = "10.1007/978-3-642-19348-4\_15",
language = "English",
isbn = "9783642193477",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "203--215",
booktitle = "Data Privacy Management and Autonomous Spontaneous Security - 5th International Workshop, DPM 2010 and 3rd International Workshop, SETOP 2010, Revised Selected Papers",
note = "5th International Workshop on Data Privacy Management, DPM 2010 and 3rd International Workshop on Autonomous and Spontaneous Security, SETOP 2010 ; Conference date: 23-09-2010",
}