Ver ítem 

Mostrar el registro sencillo del ítem

Ponencia

Opened Access
A Quadratic, Complete, and Minimal Consistency Diagnosis Process for Firewall ACLs

dc.creatorPozo Hidalgo, Sergioes
dc.creatorVarela Vaca, Ángel Jesúses
dc.creatorMartínez Gasca, Rafaeles
dc.date.accessioned2022-11-15T09:51:28Z
dc.date.available2022-11-15T09:51:28Z
dc.date.issued2010
dc.identifier.citationPozo Hidalgo, S., Varela Vaca, Á.J. y Martínez Gasca, R. (2010). A Quadratic, Complete, and Minimal Consistency Diagnosis Process for Firewall ACLs. En AINA 2010: 24th IEEE International Conference on Advanced Information Networking and Applications (1037-1046), Perth, WA, Australia: IEEE Computer Society.
dc.identifier.isbn978-1-4244-6695-5es
dc.identifier.isbn978-1-4244-6696-2es
dc.identifier.issn1550-445Xes
dc.identifier.issn2332-5658es
dc.identifier.urihttps://hdl.handle.net/11441/139422
dc.description.abstractDeveloping and managing firewall Access Control Lists (ACLs) are hard, time-consuming, and error-prone tasks for a variety of reasons. Complexity of networks is constantly increasing, as it is the size of firewall ACLs. Networks have different access control requirements which must be translated by a network administrator into firewall ACLs. During this task, inconsistent rules can be introduced in the ACL. Furthermore, each time a rule is modified (e.g. updated, corrected when a fault is found, etc.) a new inconsistency with other rules can be introduced. An inconsistent firewall ACL implies, in general, a design or development fault, and indicates that the firewall is accepting traffic that should be denied or vice versa. In this paper we propose a complete and minimal consistency diagnosis process which has worst-case quadratic time complexity with the number of rules in a set of inconsistent rules. There are other proposals of consistency diagnosis algorithms. However they have different problems which can prevent their use with big, real-life, ACLs: on the one hand, the minimal ones have exponential worst-case time complexity; on the other hand, the polynomial ones are not minimal.es
dc.description.sponsorshipMinisterio de Eduación y Ciencia TIN2009-13714es
dc.formatapplication/pdfes
dc.format.extent10es
dc.language.isoenges
dc.publisherIEEE Computer Societyes
dc.relation.ispartofAINA 2010: 24th IEEE International Conference on Advanced Information Networking and Applications (2010), pp. 1037-1046.
dc.rightsAttribution-NonCommercial-NoDerivatives 4.0 Internacional*
dc.rights.urihttp://creativecommons.org/licenses/by-nc-nd/4.0/*
dc.subjectInconsistencyes
dc.subjectConflictes
dc.subjectAnomalyes
dc.subjectDiagnosises
dc.subjectMinimales
dc.subjectFirewalles
dc.subjectACLes
dc.subjectRulesetes
dc.subjectManagementes
dc.subjectDetectiones
dc.titleA Quadratic, Complete, and Minimal Consistency Diagnosis Process for Firewall ACLses
dc.typeinfo:eu-repo/semantics/conferenceObjectes
dc.type.versioninfo:eu-repo/semantics/submittedVersiones
dc.rights.accessRightsinfo:eu-repo/semantics/openAccesses
dc.contributor.affiliationUniversidad de Sevilla. Departamento de Lenguajes y Sistemas Informáticoses
dc.relation.projectIDTIN2009-13714es
dc.relation.publisherversionhttps://ieeexplore.ieee.org/document/5474827es
dc.identifier.doi10.1109/AINA.2010.63es
dc.contributor.groupUniversidad de Sevilla. TIC-258: Data-centric Computing Research Hubes
dc.publication.initialPage1037es
dc.publication.endPage1046es
dc.eventtitleAINA 2010: 24th IEEE International Conference on Advanced Information Networking and Applicationses
dc.eventinstitutionPerth, WA, Australiaes
dc.relation.publicationplaceNew York, USAes
dc.contributor.funderMinisterio de Educación y Ciencia (MEC). Españaes

FicherosTamañoFormatoVerDescripción
A quadratic, complete, and minimal ...626.7KbIcon   [PDF] Ver/Abrir  

Este registro aparece en las siguientes colecciones

Mostrar el registro sencillo del ítem

Attribution-NonCommercial-NoDerivatives 4.0 Internacional
Excepto si se señala otra cosa, la licencia del ítem se describe como: Attribution-NonCommercial-NoDerivatives 4.0 Internacional