See this document in CiteSeerX!

An Expert System for Analyzing Firewall Rules (2001)  (Make Corrections)  (1 citation)
Pasi Eronen, Jukka Zitting
Proceedings of the 6th Nordic Workshop on Secure IT Systems (NordSec 2001)



  Home/Search   Context   Related

 
View or download:
cs.hut.fi/~peronen/p...nordsec_2001.pdf
Cached:  PS.gz  PS  PDF   Image  Update  Help

From:  cs.hut.fi/~peronen/publication... (more)
(Enter author homepages)

Rate this article: (best)
  Comment on this article  
(Enter summary)

Abstract: When deploying firewalls in an organization, it is essential to verify that the firewalls are configured properly. The problem of finding out what a given firewall configuration does occurs, for instance, when a new network administrator takes over, or a third party performs a technical security audit for the organization. While the problem can be approached via testing, non-intrusive techniques are often preferred. Existing tools for analyzing firewall configurations usually rely on hard-coded ... (Update)

Cited by:   More
Usable Firewall Configuration - Weiwei Geng University (2005)   (Correct)

Active bibliography (related documents):   More   All
0.6:   Performance Characteristics of BDD-Based Packet Filters - Attar (2001)   (Correct)
0.5:   Specification-Based Testing of Firewalls - Jürjens, Wimmel (2001)   (Correct)
0.5:   Filtering Postures: Local Enforcement for Global Policies - Guttman (1997)   (Correct)

Similar documents based on text:   More   All
0.4:   Security in the Jini Networking Technology: A Decentralized Trust .. - Eronen (2001)   (Correct)
0.3:   Extending Jini with Decentralized Trust Management - Eronen, Lehtinen, Zitting.. (2000)   (Correct)
0.3:   Firewall Penetration Testing - Haeni (1997)   (Correct)

BibTeX entry:   (Update)

P. Eronen and J. Zitting. An expert system for analyzing firewall rules. In Proceedings of the 6th Nordic Workshop on Secure IT Systems (NordSec 2001. http://citeseer.ist.psu.edu/eronen01expert.html   More

@inproceedings{ eronen-nordsec01,
  author =       {Pasi Eronen and Jukka Zitting},
  title =        {An expert system for analyzing firewall rules},
  booktitle =    {Proceedings of the 6th Nordic Workshop on Secure IT
                  Systems (NordSec 2001)},
  pages =        {100--107},
  year =         2001,
  month =        nov,
  address =      {Copenhagen, Denmark},
  publisher =    {Technical Report IMM-TR-2001-14,
                  Technical University of Denmark,
  url = {citeseer.ist.psu.edu/eronen01expert.html} }
Citations (may not include all citations):
82   Constraint logic programming languages (context) - Cohen - 1990
31   Eclipse: A platform for constraint logic programming - Wallace, Novello et al. - 1997
26   Firmato: A novel firewall management toolkit - Bartal, Mayer et al. - 1999
22   Filtering postures: Local enforcement for global policies - Guttman - 1997
13   Detecting and resolving packet filter conflicts - Hari, Suri et al. - 2000
11   An architecture for advanced packet filtering (context) - Molitor - 1995
10   Policy-based management: Bridging the gap (context) - Hinrichs - 1999
7   Binary decision diagram representations of firewall and rout.. - Hazelhurst, Fatti et al. - 1998
7   Tradeoffs for packet classification (context) - Feldman, Muthukrishnan - 2000
6   Internet packet filter management and rectangle geometry - Eppstein, Muthukrishnan - 2001
5   Intrusion detection systems: A taxonomy and survey (context) - Axelsson - 2000
4   Architecting the Lumeta firewall analyzer (context) - Wool - 2001
3   Algorithms for improving the dependability of firewall and f.. (context) - Hazelhurst, Attar et al. - 2000
3   Fang: A firewall analysis engine (context) - Mayer, Wool et al. - 2000
3   Security testing of AIX system calls using Prolog (context) - Cugini, Lo et al. - 1989
3   Modelling of cryptographic protocols (context) - Nikander - 1997
2   Expert systems and artificial intelligence (context) - Engelmore, Feigenbaum - 1993
2   router products command reference (context) - Systems, IOS - 1998
2   Algorithms for analysing firewall and router access lists - Hazelhurst - 1999
2   and Implementation of Firewall Technology (context) - Schuba, Modeling - 1997
1   Cisco Access Lists Field Guide (context) - Hundley, Held - 2000
1   Access Control List Manager 1 (context) - Systems, CiscoWorks - 2000
1   A tool for building firewallrouter configurations (context) - Calabrese - 1996
1   Internet draft ietfipsp -spp (context) - Sanchez, Condell et al. - 2000

Documents on the same site (http://www.cs.hut.fi/~peronen/publications/):   More
Applying decentralized trust management to DNS dynamic updates - Eronen, Sars (2001)   (Correct)
Security in the Jini Networking Technology: A Decentralized Trust .. - Eronen (2001)   (Correct)
State Machines for EAP Peer and Authenticator - Vollbrecht (2003)   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC