Application domain independent policy conflict analysis using information models
S Davy, B Jennings, J Strassner - NOMS 2008-2008 IEEE …, 2008 - ieeexplore.ieee.org
A key part of the policy authoring process is analysis of the potential for newly created or
modified policies to conflict with already deployed policies. We propose an approach for …
modified policies to conflict with already deployed policies. We propose an approach for …
Using an information model and associated ontology for selection of policies for conflict analysis
S Davy, B Jennings, J Strassner - 2008 IEEE Workshop on …, 2008 - ieeexplore.ieee.org
We present an analysis process targeting identification of potential policy conflicts within
sets of policies relating to multiple network devices and the security services deployed on …
sets of policies relating to multiple network devices and the security services deployed on …
Conflict prevention via model-driven policy refinement
S Davy, B Jennings, J Strassner - International Workshop on Distributed …, 2006 - Springer
This paper describes an approach for application specific conflict prevention based on
model-driven refinement of policies prior to deployment. Central to the approach is an …
model-driven refinement of policies prior to deployment. Central to the approach is an …
Automatic conflict analysis and resolution of traffic filtering policy for firewall and security gateway
S Ferraresi, S Pesic, L Trazza… - 2007 IEEE International …, 2007 - ieeexplore.ieee.org
Firewalls and Security Gateways are core elements in network security infrastructure. As
networks and services become more complex, managing access-list rules becomes an error …
networks and services become more complex, managing access-list rules becomes an error …
Transversal policy conflict detection
Declarative policies are a common means to manage the security of complex IT
environments and they belong to different, heterogeneous classes (access control, filtering …
environments and they belong to different, heterogeneous classes (access control, filtering …
Conflict analysis during authoring of management policies for federations
We outline a policy conflict analysis process for the analysis of newly specified federation-
level policies against previously deployed local/federation policies. The process is generic …
level policies against previously deployed local/federation policies. The process is generic …
Conflict classification and analysis of distributed firewall policies
E Al-Shaer, H Hamed, R Boutaba… - IEEE journal on …, 2005 - ieeexplore.ieee.org
Firewalls are core elements in network security. However, managing firewall rules,
particularly, in multifirewall enterprise networks, has become a complex and error-prone …
particularly, in multifirewall enterprise networks, has become a complex and error-prone …
An approach to evaluate policy similarity
Recent collaborative applications and enterprises very often need to efficiently integrate
their access control policies. An important step in policy integration is to analyze the …
their access control policies. An important step in policy integration is to analyze the …
Towards network security policy generation for configuration analysis and testing
T Samak, A El-Atawy, E Al-Shaer - … of the 2nd ACM workshop on …, 2009 - dl.acm.org
Access-control lists are an essential part in the security framework of any system.
Researchers are always in need to have a repository of ready made policies for conducting …
Researchers are always in need to have a repository of ready made policies for conducting …
Reasoning about firewall policies through refinement and composition
U Neville, SN Foley - Journal of Computer Security, 2018 - content.iospress.com
Network and host-based access controls, for example, firewall systems, are important points
of security-demarcation, operating as a front-line defence for networks and networked …
of security-demarcation, operating as a front-line defence for networks and networked …