Model-driven extraction and analysis of network security policies

Salvador Martínez; Joaquin Garcia-Alfaro; Frédéric Cuppens; Nora Cuppens-Boulahia; Jordi Cabot

doi:10.1007/978-3-642-41533-3_4

Model-driven extraction and analysis of network security policies

Salvador Martínez
, Joaquin Garcia-Alfaro
, Frédéric Cuppens
, Nora Cuppens-Boulahia
, Jordi Cabot

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Firewalls are a key element in network security. They are in charge of filtering the traffic of the network in compliance with a number of access-control rules that enforce a given security policy. In an always-evolving context, where security policies must often be updated to respond to new security requirements, knowing with precision the policy being enforced by a network system is a critical information. Otherwise, we risk to hamper the proper evolution of the system and compromise its security. Unfortunately, discovering such enforced policy is an error-prone and time consuming task that requires low-level and, often, vendor-specific expertise since firewalls may be configured using different languages and conform to a complex network topology. To tackle this problem, we propose a model-driven reverse engineering approach able to extract the security policy implemented by a set of firewalls in a working network, easing the understanding, analysis and evolution of network security policies.

Original language	English
Title of host publication	Model-Driven Engineering Languages and Systems - 16th International Conference, MODELS 2013, Proceedings
Pages	52-68
Number of pages	17
DOIs	https://doi.org/10.1007/978-3-642-41533-3_4
Publication status	Published - 7 Nov 2013
Event	16th ACM/IEEE International Conference on Model Driven Engineering Languages and Systems, MODELS 2013 - Miami, FL, United States Duration: 29 Sept 2013 → 4 Oct 2013

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	8107 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	16th ACM/IEEE International Conference on Model Driven Engineering Languages and Systems, MODELS 2013
Country/Territory	United States
City	Miami, FL
Period	29/09/13 → 4/10/13

Access to Document

10.1007/978-3-642-41533-3_4

Cite this

Martínez, S., Garcia-Alfaro, J., Cuppens, F., Cuppens-Boulahia, N., & Cabot, J. (2013). Model-driven extraction and analysis of network security policies. In Model-Driven Engineering Languages and Systems - 16th International Conference, MODELS 2013, Proceedings (pp. 52-68). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 8107 LNCS). https://doi.org/10.1007/978-3-642-41533-3_4

Martínez, Salvador ; Garcia-Alfaro, Joaquin ; Cuppens, Frédéric et al. / Model-driven extraction and analysis of network security policies. Model-Driven Engineering Languages and Systems - 16th International Conference, MODELS 2013, Proceedings. 2013. pp. 52-68 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{7aa52394865740e8b4fb89658659ab7f,

title = "Model-driven extraction and analysis of network security policies",

abstract = "Firewalls are a key element in network security. They are in charge of filtering the traffic of the network in compliance with a number of access-control rules that enforce a given security policy. In an always-evolving context, where security policies must often be updated to respond to new security requirements, knowing with precision the policy being enforced by a network system is a critical information. Otherwise, we risk to hamper the proper evolution of the system and compromise its security. Unfortunately, discovering such enforced policy is an error-prone and time consuming task that requires low-level and, often, vendor-specific expertise since firewalls may be configured using different languages and conform to a complex network topology. To tackle this problem, we propose a model-driven reverse engineering approach able to extract the security policy implemented by a set of firewalls in a working network, easing the understanding, analysis and evolution of network security policies.",

author = "Salvador Mart{\'i}nez and Joaquin Garcia-Alfaro and Fr{\'e}d{\'e}ric Cuppens and Nora Cuppens-Boulahia and Jordi Cabot",

year = "2013",

month = nov,

day = "7",

doi = "10.1007/978-3-642-41533-3\_4",

language = "English",

isbn = "9783642415326",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "52--68",

booktitle = "Model-Driven Engineering Languages and Systems - 16th International Conference, MODELS 2013, Proceedings",

note = "16th ACM/IEEE International Conference on Model Driven Engineering Languages and Systems, MODELS 2013 ; Conference date: 29-09-2013 Through 04-10-2013",

}

Martínez, S, Garcia-Alfaro, J, Cuppens, F, Cuppens-Boulahia, N & Cabot, J 2013, Model-driven extraction and analysis of network security policies. in Model-Driven Engineering Languages and Systems - 16th International Conference, MODELS 2013, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 8107 LNCS, pp. 52-68, 16th ACM/IEEE International Conference on Model Driven Engineering Languages and Systems, MODELS 2013, Miami, FL, United States, 29/09/13. https://doi.org/10.1007/978-3-642-41533-3_4

Model-driven extraction and analysis of network security policies. / Martínez, Salvador; Garcia-Alfaro, Joaquin; Cuppens, Frédéric et al.
Model-Driven Engineering Languages and Systems - 16th International Conference, MODELS 2013, Proceedings. 2013. p. 52-68 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 8107 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Model-driven extraction and analysis of network security policies

AU - Martínez, Salvador

AU - Garcia-Alfaro, Joaquin

AU - Cuppens, Frédéric

AU - Cuppens-Boulahia, Nora

AU - Cabot, Jordi

PY - 2013/11/7

Y1 - 2013/11/7

N2 - Firewalls are a key element in network security. They are in charge of filtering the traffic of the network in compliance with a number of access-control rules that enforce a given security policy. In an always-evolving context, where security policies must often be updated to respond to new security requirements, knowing with precision the policy being enforced by a network system is a critical information. Otherwise, we risk to hamper the proper evolution of the system and compromise its security. Unfortunately, discovering such enforced policy is an error-prone and time consuming task that requires low-level and, often, vendor-specific expertise since firewalls may be configured using different languages and conform to a complex network topology. To tackle this problem, we propose a model-driven reverse engineering approach able to extract the security policy implemented by a set of firewalls in a working network, easing the understanding, analysis and evolution of network security policies.

AB - Firewalls are a key element in network security. They are in charge of filtering the traffic of the network in compliance with a number of access-control rules that enforce a given security policy. In an always-evolving context, where security policies must often be updated to respond to new security requirements, knowing with precision the policy being enforced by a network system is a critical information. Otherwise, we risk to hamper the proper evolution of the system and compromise its security. Unfortunately, discovering such enforced policy is an error-prone and time consuming task that requires low-level and, often, vendor-specific expertise since firewalls may be configured using different languages and conform to a complex network topology. To tackle this problem, we propose a model-driven reverse engineering approach able to extract the security policy implemented by a set of firewalls in a working network, easing the understanding, analysis and evolution of network security policies.

U2 - 10.1007/978-3-642-41533-3_4

DO - 10.1007/978-3-642-41533-3_4

M3 - Conference contribution

AN - SCOPUS:84886840816

SN - 9783642415326

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 52

EP - 68

BT - Model-Driven Engineering Languages and Systems - 16th International Conference, MODELS 2013, Proceedings

T2 - 16th ACM/IEEE International Conference on Model Driven Engineering Languages and Systems, MODELS 2013

Y2 - 29 September 2013 through 4 October 2013

ER -

Martínez S, Garcia-Alfaro J, Cuppens F, Cuppens-Boulahia N, Cabot J. Model-driven extraction and analysis of network security policies. In Model-Driven Engineering Languages and Systems - 16th International Conference, MODELS 2013, Proceedings. 2013. p. 52-68. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-642-41533-3_4

Model-driven extraction and analysis of network security policies

Abstract

Publication series

Conference

Access to Document

Fingerprint

Cite this