Methods and Tools for Policy Analysis

Jabal, Amani Abu; Davari, Maryam; Bertino, Elisa; Makaya, Christian; Calo, Seraphin; Verma, Dinesh; Russo, Alessandra; Williams, Christopher

doi:10.1145/3295749

Cited by 36 publications

(25 citation statements)

References 195 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The scientific literature about the analysis of rules is quite large and a good survey can be found in [21]. Indeed, several techniques have been proposed to assist network security administrators in detecting policy conflicts and anomalies concerning either a single device or multiple connected firewalls.…”

Section: ) Rule Analysismentioning

confidence: 99%

“…Intra-firewall contributions appeared in the literature include, for instance, (optimal) rule ordering [14]- [18], firewall compression [19], [20] and rule analysis [21], [22]. Interfirewall alternatives are frequently based on special architectures such as parallel firewalls [23]- [25]; another approach leverages the transfer of filtering rules among firewalls located in the same network [26], [27].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Formal Model and Technique to Redistribute the Packet Filtering Load in Multiple Firewall Networks

Durante

Seno

Valenzano

2021

IEEE Trans.Inform.Forensic Secur.

View full text Add to dashboard Cite

Section: ) Rule Analysismentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

A Formal Model and Technique to Redistribute the Packet Filtering Load in Multiple Firewall Networks

Durante

Seno

Valenzano

2021

IEEE Trans.Inform.Forensic Secur.

View full text Add to dashboard Cite

“…Firewall policy is high-level statement defines how an organization's firewalls should handle inbound and outbound network traffic. It must align with the organization's overall information security policies [11].…”

Section: Firewallmentioning

confidence: 99%

Compu Castel: An Instructional Tool for Teaching Firewall Concepts

Mostafa

2020

IJCIT

View full text Add to dashboard Cite

Firewall is an essential device in every computer network. It needs skillful professionals to accurately configure its rules for proper functioning. To help prepare these professionals, university level students need more engaging and attractive interactive tools to develop their skills. For this regard, this paper presents the design, implementation and evaluation of "Compu Castel" educational video game that teaches firewall concepts. In addition to evaluating the impact of educational game on short-term knowledge acquisition, both, mid-term (after 2 months) and long-term (after 5 months) knowledge retention is analyzed. The results confirm that educational games affect positively short-term knowledge acquisition compared with traditional text based methods. Moreover, educational games enhance knowledge retention for mid-term and long-term periods.

show abstract

“…The lack of policies may require involving human administrator which may be expensive and not possible in some contexts. Previous research has focused on methods and tools for analyzing policies with respect to those four requirements (see [4] for a detailed survey of the state of the art). The use of our symbolic learning framework for generating policies helps in such an analysis.…”

Section: A Policy Assessmentmentioning

confidence: 99%

“…Policy-based management thus significantly increases the self-managing aspects of coalition operations. Because of the usefulness of policy-based management, policy models, languages, formalisms, and systems have been widely investigated and applied to many different domains, including access control [3], firewall systems, and more recently software defined networks [4]. Policy standards have been developed, most notably in the areas of access control (e.g., the eXtensible Access Control Markup Language (XACML) and RBAC standards).…”

Section: Introductionmentioning

confidence: 99%

Generative Policies for Coalition Systems - A Symbolic Learning Framework

Bertino

White²,

Lobo

et al. 2019

2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS)

Self Cite

View full text Add to dashboard Cite

Policy systems are critical for managing missions and collaborative activities carried out by coalitions involving different organizations. Conventional policy-based management approaches are not suitable for next-generation coalitions that will involve not only humans, but also autonomous computing devices and systems. It is critical that those parties be able to generate and customize policies based on contexts and activities. This paper introduces a novel approach for the autonomic generation of policies by autonomous parties. The framework combines context free grammars, answer set programs, and inductionbased learning. It allows a party to generate its own policies, based on a grammar and some semantic constraints, by learning from examples. The paper also outlines initial experiments in the use of such a symbolic approach and outlines relevant research challenges, ranging from explainability to quality assessment of policies.

show abstract

Methods and Tools for Policy Analysis

Cited by 36 publications

References 195 publications

A Formal Model and Technique to Redistribute the Packet Filtering Load in Multiple Firewall Networks

A Formal Model and Technique to Redistribute the Packet Filtering Load in Multiple Firewall Networks

Compu Castel: An Instructional Tool for Teaching Firewall Concepts

Generative Policies for Coalition Systems - A Symbolic Learning Framework

Contact Info

Product

Resources

About