Mining a high level access control policy in a network with multiple firewalls

Safaa Hachana; Nora Cuppens-Boulahia; Frederic Cuppens

首页> 外文期刊>Information Security Technical Report >Mining a high level access control policy in a network with multiple firewalls

【24h】

Mining a high level access control policy in a network with multiple firewalls

机译：在具有多个防火墙的网络中挖掘高级访问控制策略

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

A policy mining approach that aims to automatically extract a high level of abstraction policy from the rules configured on a firewall has been recently proposed (Hachana et al., 2013). This technique is likely to considerably facilitate firewall management. However, protecting the information system of a business organization usually requires the enforcement of more than one firewall. In this paper, we augment the policy mining approach by an additional processing for a network access control policy mining. We develop the problem of integration of Net-RBAC (Hachana, 2014) policies resulting from policy mining over several firewalls in order to mine a high level network policy. Moreover, we show how to verify security properties related to the deployment consistency over the firewalls. We illustrate the network policy mining approach by a realistic example, and we experimentally evaluate the performance of our merger algorithms.

机译：最近提出了一种策略挖掘方法，旨在从防火墙上配置的规则中自动提取高级抽象策略（Hachana等，2013）。此技术可能会极大地促进防火墙管理。但是，保护企业组织的信息系统通常需要实施多个防火墙。在本文中，我们通过对网络访问控制策略挖掘的附加处理来扩展策略挖掘方法。我们开发了通过在多个防火墙上进行策略挖掘而导致的Net-RBAC策略集成（Hachana，2014年）的问题，以便挖掘高级网络策略。此外，我们展示了如何验证与防火墙上的部署一致性相关的安全属性。我们通过一个实际的例子来说明网络策略挖掘方法，并通过实验评估我们的合并算法的性能。

著录项

来源
《Information Security Technical Report》 |2015年第2期|61-73|共13页
作者
Safaa Hachana; Nora Cuppens-Boulahia; Frederic Cuppens;
展开▼
作者单位

Dept. LUSSI, Institut Telecom-Mines/Telecom Bretagne, France,LIAS Labs, Ecole Nationale Superieure de Mecanique et d'Aerotechnique, France,Institut Telecom-Mines/Telecom Bretagne, 2 Rue de la Chataigneraie, 35510 Cesson Sevigne, France;

Dept. LUSSI, Institut Telecom-Mines/Telecom Bretagne, France;

Dept. LUSSI, Institut Telecom-Mines/Telecom Bretagne, France;

展开▼
收录信息美国《工程索引》(EI);
原文格式 PDF
正文语种 eng
中图分类
关键词
Access control; Network security; Policy mining; Role mining; Multiple firewalls; Net-RBAC;

机译：访问控制;网络安全;政策挖掘;角色挖掘;多个防火墙;网络RBAC;

相似文献

外文文献
中文文献
专利

1. Network Security Firewalls Implement Policy, Control Access [J] . James B. Busey IV Signal . 1996,第7期

机译：网络安全防火墙实施策略，控制访问
2. Network-Level Access Control Policy Analysis and Transformation [J] . Basile C., Cappadonia A., Lioy A. Networking, IEEE/ACM Transactions on . 2012,第4期

机译：网络级访问控制策略分析与转换
3. An adaptive network allocation vector timer-based carrier sense multiple access with collision avoidance medium access control protocol for underwater acoustic sensor networks [J] . Md Arifur Rahman, Youngdoo Lee, Insoo Koo International Journal of Distributed Sensor Networks . 2017,第1期

机译：水下声传感器网络的基于自适应网络分配矢量定时器的载波侦听多址与避免碰撞介质访问控制协议
4. Specifications of a high-level conflict-free firewall policy language for multi-domain networks [C] . Bin Zhang, Ehab Al-Shaer, Radha Jagadeesan, ACM symposium on Access control models and technologies . 2007

机译：多域网络的高级无冲突防火墙策略语言的规范
5. A medium-access control for symmetric link code domain multiple access-based wireless sensor networks. [D] . Nagaraj, Sumeeth. 2003

机译：对称链接代码域基于多个访问的无线传感器网络的介质访问控件。
6. An Efficient Attribute-Based Access Control (ABAC) Policy Retrieval Method Based on Attribute and Value Levels in Multimedia Networks [O] . Meiping Liu, Cheng Yang, Hao Li, 2020

机译：基于属性和值级别的多媒体网络中基于属性的有效访问控制（ABAC）策略检索方法
7. An Efficient Attribute-Based Access Control (ABAC) Policy Retrieval Method Based on Attribute and Value Levels in Multimedia Networks [O] . Meiping Liu, Cheng Yang, Hao Li, 2020

机译：基于多媒体网络的属性和值级别的基于基于基于属性的访问控制（ABAC）策略检索方法

Mining a high level access control policy in a network with multiple firewalls

摘要

著录项

相似文献

相关主题

期刊订阅