Modelirovanie i Analiz Informatsionnykh Sistem
RUS  ENG    JOURNALS   PEOPLE   ORGANISATIONS   CONFERENCES   SEMINARS   VIDEO LIBRARY   PACKAGE AMSBIB  
General information
Latest issue
Archive
Impact factor

Search papers
Search references

RSS
Latest issue
Current issues
Archive issues
What is RSS


Model. Anal. Inform. Sist.:
Year:
Volume:
Issue:
Page:
Find




Personal entry:
Login:
Password:
Save password
Enter
Forgotten password?
Register

Modelirovanie i Analiz Informatsionnykh Sistem, 2019, Volume 26, Number 1, Pages 75–89
DOI: https://doi.org/10.18255/1818-1015-2019-1-75-89 (Mi mais665) 		 
This article is cited in 2 scientific papers (total in 2 papers)

Computer Networks and Communications

An effective algorithm for collision resolution in security policy rules

S. V. Morzhova, V. A. Sokolovb

a P.G. Demidov Yaroslavl State University, 14 Sovetskaya st., Yaroslavl, 150003, Russia
b Centre of Integrable Systems, P.G. Demidov Yaroslavl State University, 14 Sovetskaya st., Yaroslavl, 150003, Russia
Full-text PDF (763 kB) Citations (2)
References:
PDF
HTML
DOI: https://doi.org/10.18255/1818-1015-2019-1-75-89
Abstract: A firewall is the main classic tool for monitoring and managing the network traffic on a local network. Its task is to compare the network traffic passing through it with the established security rules. These rules, which are often also called security policy, can be defined both before and during the operation of the firewall. Managing the security policy of large corporate networks is a complex task. In order to properly implement it, firewall filtering rules must be written and organized neatly and without errors. In addition, the process of changing or inserting new rules should be performed only after a careful analysis of the relationship between the rules being modified or inserted, as well as the rules that already exist in the security policy. In this article, the authors consider the classification of relations between security policy rules and also give the definition of all sorts of conflicts between them. In addition, the authors present a new efficient algorithm for detecting and resolving collisions in firewall rules by the example of the Floodlight SDN controller.
Keywords: access control list, firewall, software defined network, ACL, SDN, security policy tree.
Funding agency Grant number
Russian Foundation for Basic Research 17-07-00823_а
Ministry of Education and Science of the Russian Federation 1.10160.2017/5.1
The work was funded by Russian Foundation for Basic Research, according to the research projects No. 17-07-00823 А, and was carried out within the framework of the state program of the Ministry of Education and Science of the Russian Federation, project № 1.10160.2017/5.1.
Received: 15.12.2018
Revised: 14.01.2019
Accepted: 18.02.2019
Bibliographic databases:
Document Type: Article
UDC: 004.7
Language: Russian
Citation: S. V. Morzhov, V. A. Sokolov, “An effective algorithm for collision resolution in security policy rules”, Model. Anal. Inform. Sist., 26:1 (2019), 75–89
Citation in format AMSBIB
\Bibitem{MorSok19}
\by S.~V.~Morzhov, V.~A.~Sokolov
\paper An effective algorithm for collision resolution in security policy rules
\jour Model. Anal. Inform. Sist.
\yr 2019
\vol 26
\issue 1
\pages 75--89
\mathnet{http://mi.mathnet.ru/mais665}
\crossref{https://doi.org/10.18255/1818-1015-2019-1-75-89}
\elib{https://elibrary.ru/item.asp?id=37069558}
Linking options:
  • https://www.mathnet.ru/eng/mais665
  • https://www.mathnet.ru/eng/mais/v26/i1/p75
    • This publication is cited in the following 2 articles:
    Citing articles in Google Scholar: Russian citations, English citations
    Related articles in Google Scholar: Russian articles, English articles
    		Моделирование и анализ информационных систем
     
      Contact us:
    		  Terms of Use  Registration to the website  Logotypes © Steklov Mathematical Institute RAS, 2024