Sciweavers

Share
ICCSA
2009
Springer

MDA-Based Framework for Automatic Generation of Consistent Firewall ACLs with NAT

12 years 1 months ago
MDA-Based Framework for Automatic Generation of Consistent Firewall ACLs with NAT
Abstract. The design and management of firewall ACLs is a very hard and error-prone task. Part of this complexity comes from the fact that each firewall platform has its own low-level language with a different functionality, syntax, and development environment. Although several high-level languages have been proposed to model firewall access control policies, none of them has been widely adopted by the industry due to a combination of factors: high complexity, no support of important features of firewalls, no common development process, etc. In this paper, a development process for Firewall ACLs based on the Model Driven Architecture (MDA) framework is proposed. The framework supports the market leaders firewall platforms and is user-extensible. The most important access control policy languages are reviewed, with special focus on the development of firewall ACLs. Based on this analysis a new DSL language for firewall ACLs, AFPL2, covering most features other languages do not cover, is...
Sergio Pozo, A. J. Varela-Vaca, Rafael M. Gasca
Added 20 May 2010
Updated 20 May 2010
Type Conference
Year 2009
Where ICCSA
Authors Sergio Pozo, A. J. Varela-Vaca, Rafael M. Gasca
Comments (0)
books