Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
IFIP
2004
Springer
2004
Springer
A Formal Approach to Specify and Deploy a Network Security Policy
Current firewall configuration languages have no well founded semantics. Each firewall implements its own algorithm that parses specific proprietary languages. The main consequence is that network access control policies are difficult to manage and most firewalls are actually wrongly configured. In this paper, we present an access control language based on XML syntax whose semantics is interpreted in the access control model Or-BAC (Organization Based Access Control). We show how to use this language to specify high-level network access control policies and then to automatically derive concrete access control rules to configure specific firewalls through a translation process. Our approach provides clear semantics to network security policy specification, makes management of such policy easier for the administrator and guarantees portability between firewalls.
Real-time TrafficRelated Content
| Added | 02 Jul 2010 |
| Updated | 02 Jul 2010 |
| Type | Conference |
| Year | 2004 |
| Where | IFIP |
| Authors | Frédéric Cuppens, Nora Cuppens-Boulahia, Thierry Sans, Alexandre Miège |
Comments (0)
Researcher Info
|
