Detail publikace

Static Analysis of Routing and Firewall Policy Configurations

Originální název

Static Analysis of Routing and Firewall Policy Configurations

Anglický název

Static Analysis of Routing and Firewall Policy Configurations

Jazyk

en

Originální abstrakt

Network design that meets customer's security requirements needs careful considerations when configuring routing and filtering rules. This paper deals with an approach to security analysis based on reachability calculations in dynamically routed networks. The contribution consists of proposing routing abstract model that enables to extend existing reachability analysis approaches to obtain a finer approximation. This approximation captures the effect of routing on packets forwarding. Thus in the combination with reachability calculations based on packet filtering analysis it provides valuable information for a network designer on possible security issues in designed network.

Anglický abstrakt

Network design that meets customer's security requirements needs careful considerations when configuring routing and filtering rules. This paper deals with an approach to security analysis based on reachability calculations in dynamically routed networks. The contribution consists of proposing routing abstract model that enables to extend existing reachability analysis approaches to obtain a finer approximation. This approximation captures the effect of routing on packets forwarding. Thus in the combination with reachability calculations based on packet filtering analysis it provides valuable information for a network designer on possible security issues in designed network.

BibTex


@inproceedings{BUT91464,
  author="Miroslav {Švéda} and Ondřej {Ryšavý} and Hidda Marakkala Gayan Ruchika {de Silva} and Petr {Matoušek} and Jaroslav {Ráb}",
  title="Static Analysis of Routing and Firewall Policy Configurations",
  annote="Network design that meets customer's security requirements needs careful
considerations when configuring routing and filtering rules. This paper deals
with an approach to security analysis based on reachability calculations in
dynamically routed networks. The contribution consists of proposing routing
abstract model that enables to extend existing reachability analysis approaches
to obtain a finer approximation. This approximation captures the effect of
routing on packets forwarding. Thus in the combination with reachability
calculations based on packet filtering analysis it provides valuable information
for a network designer on possible security issues in designed network.",
  address="Springer Science+Business Media B.V.",
  booktitle="e-Business and Telecommunications",
  chapter="91464",
  doi="10.1007/978-3-642-25206-8_2",
  edition="LNCS CCIS, Vol.222",
  howpublished="online",
  institution="Springer Science+Business Media B.V.",
  number="222",
  year="2012",
  month="february",
  pages="39--53",
  publisher="Springer Science+Business Media B.V.",
  type="conference paper"
}