| 6891 |
Creator |
e0b7fd620a538ed1e211c81a48d5a5fd |
| 6891 |
Creator |
ext-6997d56eb679e9f744ee5296fbaf079b |
| 6891 |
Creator |
ext-725994f9eb13e7058a785ed1100be56f |
| 6891 |
Creator |
ext-1016cd46d3d09893fc7eeb2d9ff350c7 |
| 6891 |
Date |
2006-10-15 |
| 6891 |
Is Part Of |
p03029743 |
| 6891 |
Is Part Of |
repository |
| 6891 |
abstract |
Firewalls are important perimeter security mechanisms that imple-ment an organisation's
network security requirements and can be notoriously difficult to configure correctly.
Given their widespread use, it is crucial that network administrators have tools to
translate their security requirements into firewall configuration rules and ensure
that these rules are consistent with each other. In this paper we propose an approach
to firewall policy specification and analysis that uses a formal framework for argumentation
based preference reasoning. By allowing administrators to define network abstractions
(e.g. subnets, protocols etc) security requirements can be specified in a declarative
manner using high-level terms. Also it is possible to specify preferences to express
the importance of one requirement over another. The use of a formal framework means
that the security requirements defined can be automatically analysed for inconsistencies
and firewall configurations can be automatically generated. We demonstrate that the
technique allows any inconsistency property, including those identified in previous
research, to be specified and automatically checked and the use of an argumentation
reasoning framework provides administrators with information regarding the causes
of the inconsistency. |
| 6891 |
authorList |
authors |
| 6891 |
presentedAt |
ext-89fdfca718f4549f34ecf07790a824a6 |
| 6891 |
status |
peerReviewed |
| 6891 |
uri |
http://data.open.ac.uk/oro/document/17519 |
| 6891 |
uri |
http://data.open.ac.uk/oro/document/19267 |
| 6891 |
uri |
http://data.open.ac.uk/oro/document/621 |
| 6891 |
uri |
http://data.open.ac.uk/oro/document/7743 |
| 6891 |
volume |
4269 |
| 6891 |
type |
AcademicArticle |
| 6891 |
type |
Article |
| 6891 |
label |
Bandara, Arosha K. ; Kakas, Antonis; Lupu, Emil C. and Russo, Alessandra (2006).
Using Argumentation Logic for Firewall Policy Specification and Analysis. In: Lecture
Notes in Computer Science, 4269 pp. 185–196. |
| 6891 |
label |
Bandara, Arosha K. ; Kakas, Antonis; Lupu, Emil C. and Russo, Alessandra (2006).
Using Argumentation Logic for Firewall Policy Specification and Analysis. In: Lecture
Notes in Computer Science, 4269 pp. 185–196. |
| 6891 |
Title |
Using Argumentation Logic for Firewall Policy Specification and Analysis |
| 6891 |
in dataset |
oro |