The 1st workshop on model-based verification & validation: Directed acyclic graph modeling of security policies for firewall testing
Loading...
Date
2009
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Open Access Color
OpenAIRE Downloads
OpenAIRE Views
BIP! Indicators
Impulse
Average
Influence
Average
Popularity
Average
Abstract
Currently network security of institutions highly depend on firewalls, which are used to separate untrusted network from trusted one by enforcing security policies. Security policies used in firewalls are ordered set of rules where each rule is represented as a predicate and an action. This paper proposes modeling of firewall rules via directed acyclic graphs (DAG), from which test cases can be automatically generated for firewall testing. The approach proposed follows test case generation algorithm developed for event sequence graphs. Under a local area network setup with the aid of a specifically developed software for this purpose, generated test cases are converted to network test packets, test packets are sent to the firewall under test (FUT), and sent packets are compared with passed packets to determine test result. © 2009 IEEE.
Description
Keywords
Directed acyclic graphs, Event sequence graphs, Firewall policies, Firewall testing, Firewalls, Security testing
Fields of Science
Citation
6
WoS Q
Scopus Q
OpenCitations Citation Count
7
Source
SSIRI 2009 - 3rd IEEE International Conference on Secure Software Integration Reliability Improvement -- 3rd IEEE International Conference on Secure Software Integration Reliability Improvement, SSIRI 2009 -- 8 July 2009 through 10 July 2009 -- Shanghai -- 78774
Volume
Issue
Start Page
End Page
Collections
PlumX Metrics
Citations
CrossRef : 3
Scopus : 6
Captures
Mendeley Readers : 24