Modeling and Global Conflict Analysis of Firewall Policy

扫码查看

原文链接

NETL
NSTL
万方数据
维普

外文摘要：The global view of firewall policy conflict is important for administrators to optimize the policy.It has been lack of appropriate firewall policy global conflict analysis,existing methods focus on local conflict detection.We research the global conflict detection algorithm in this paper.We presented a semantic model that captures more complete classifications of the policy using knowledge concept in rough set.Based on this model,we presented the global conflict formal model,and represent it with OBDD (Ordered Binary Decision Diagram).Then we developed GFPCDA (Global Firewall Policy Conflict Detection Algorithm) algorithm to detect global conflict.In experiment,we evaluated the usability of our semantic model by eliminating the false positives and false negatives caused by incomplete policy semantic model,of a classical algorithm.We compared this algorithm with GFPCDA algorithm.The results show that GFPCDA detects conflicts more precisely and independently,and has better performance.

外文关键词：

firewall policysemantic modelconflict analysisconflict detection

作者：

LIANG Xiaoyan、XIA Chunhe、JIAO Jian、HU Junshun、LI Xiaojian

展开 >

作者单位：

Beijing Key Laboratory of Network Technology, Beihang University, Beijing 100191, P.R.China

Beijing Information Science & Technology University, Beijing 100192, P.R.China

Software Development Center of China Agricultural Bank, Beijing 100073, P.R.China

College of Computer Science and Information Technology, Guangxi Normal University, Guilin 541004, Guangxi Province, P.R.China

展开 >

基金：

This work was supported by the National Nature Science Foundation of ChinaProject of National ministryCo-Funding Project of Beijing Municipal Education CommissionBeijing Education Committee General ProgramNational Nature Science Foundation of China

项目编号：

61170295A2120110006JD100060630KM20121123201061370065

出版年：

2014

中国通信(英文版)

CSTPCDCSCDSCI

影响因子：0.463

ISSN：1673-5447

年,卷(期)：2014.11(5)

被引量2
参考文献量22