Firewall Policy Diagram: Novel Data Structures and Algorithms for Modeling, Analysis, and Comprehension of Network Firewalls

Item request has been placed!

Item request cannot be made.

Processing Request

Read More Add to Saved list

Author(s): Clark, Patrick G.
Subject Terms:
Computer science; Firewall behavior abstraction; Firewall behavior modeling; Firewall modeling; Firewall policy; Firewall policy diagram; Firewall policy query language
Document Type:
doctoral or postdoctoral thesis
Language:
English

Additional Information
- Contributors:
  Agah, Arvin; Chakrabarti, Swapan; Dhar, Prajna; Grzymala-Busse, Jerzy; Luo, Bo
- Publication Information:
  University of Kansas
- Publication Date:
  2013
- Collection:
  The University of Kansas: KU ScholarWorks
- Abstract:
  Firewalls, network devices, and the access control lists that manage traffic are very important components of modern networking from a security and regulatory perspective. When computers were first connected, they were communicating with trusted peers and nefarious intentions were neither recognized nor important. However, as the reach of networks expanded, systems could no longer be certain whether the peer could be trusted or that their intentions were good. Therefore, a couple of decades ago, near the widespread adoption of the Internet, a new network device became a very important part of the landscape, i.e., the firewall with the access control list (ACL) router. These devices became the sentries to an organization's internal network, still allowing some communication; however, in a controlled and audited manner. It was during this time that the widespread expansion of the firewall spawned significant research into the science of deterministically controlling access, as fast as possible. However, the success of the firewall in securing the enterprise led to an ever increasing complexity in the firewall as the networks became more inter-connected. Over time, the complexity has continued to increase, yielding a difficulty in understanding the allowed access of a particular device. As a result of this success, firewalls are one of the most important devices used in network security. They provide the protection between networks that only wish to communicate over an explicit set of channels, expressed through the protocols, traveling over the network. These explicit channels are described and implemented in a firewall using a set of rules, where the firewall implements the will of the organization through these rules, also called a firewall policy. In small test environments and networks, firewall policies may be easy to comprehend and understand; however, in real world organizations these devices and policies must be capable of handling large amounts of traffic traversing hundreds or thousands of rules in a ...
- File Description:
  126 pages
- Relation:
  http://dissertations.umi.com/ku:12729; http://hdl.handle.net/1808/11462
- Online Access:
  http://hdl.handle.net/1808/11462
  http://dissertations.umi.com/ku:12729
- Rights:
  This item is protected by copyright and unless otherwise specified the copyright of this thesis/dissertation is held by the author. ; openAccess
- Accession Number:
  edsbas.E20DCBAB

Comments

No Comments.