Powered by OpenAIRE graph
Found an issue? Give us feedback
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/ https://link.springe...arrow_drop_down
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
https://link.springer.com/cont...
Part of book or chapter of book
Data sources: UnpayWall
image/svg+xml art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos Open Access logo, converted into svg, designed by PLoS. This version with transparent background. http://commons.wikimedia.org/wiki/File:Open_Access_logo_PLoS_white.svg art designer at PLoS, modified by Wikipedia users Nina, Beao, JakobVoss, and AnonMoos http://www.plos.org/
CORE (RIOXX-UK Aggregator)
Conference object . 2006
Data sources: CORE (RIOXX-UK Aggregator)
image/svg+xml Jakob Voss, based on art designer at PLoS, modified by Wikipedia users Nina and Beao Closed Access logo, derived from PLoS Open Access logo. This version with transparent background. http://commons.wikimedia.org/wiki/File:Closed_Access_logo_transparent.svg Jakob Voss, based on art designer at PLoS, modified by Wikipedia users Nina and Beao
https://doi.org/10.1007/119074...
Part of book or chapter of book . 2006
License: http://www.springer.com/tdm
Data sources: Crossref
 View all 2 versions
Claim

This Research product is the result of merged Research products in OpenAIRE.

You have already added 0 works in your ORCID record related to the merged Research product.
share
Claim

This Research product is the result of merged Research products in OpenAIRE.

You have already added 0 works in your ORCID record related to the merged Research product.

Using Argumentation Logic for Firewall Policy Specification and Analysis

descriptionPublicationkeyboard_double_arrow_right Part of book or chapter of book , Conference object 15 Oct 2006Springer Berlin Heidelberg
Arosha K. Bandara; Antonis C. Kakas; Emil Lupu; Alessandra Russo;

doi: 10.1007/11907466_16

Using Argumentation Logic for Firewall Policy Specification and Analysis

Abstract

Firewalls are important perimeter security mechanisms that imple-ment an organisation's network security requirements and can be notoriously difficult to configure correctly. Given their widespread use, it is crucial that network administrators have tools to translate their security requirements into firewall configuration rules and ensure that these rules are consistent with each other. In this paper we propose an approach to firewall policy specification and analysis that uses a formal framework for argumentation based preference reasoning. By allowing administrators to define network abstractions (e.g. subnets, protocols etc) security requirements can be specified in a declarative manner using high-level terms. Also it is possible to specify preferences to express the importance of one requirement over another. The use of a formal framework means that the security requirements defined can be automatically analysed for inconsistencies and firewall configurations can be automatically generated. We demonstrate that the technique allows any inconsistency property, including those identified in previous research, to be specified and automatically checked and the use of an argumentation reasoning framework provides administrators with information regarding the causes of the inconsistency.

Related Organizations
View all View all
Subjects by Vocabulary

Microsoft Academic Graph classification: Computer security computer.software_genre computer Application firewall Computer science Firewall (construction) Network security business.industry business Argumentation theory

12 references, page 1 of 2

[1] E. S. Al-Shaer and H. H. Hamed. "Firewall Policy Advisor for Anomaly Doscovery and Rule Editing." In Proceedings of 8th IFIP/IEEE International Symposium on Integrated Network Management, Colarado Springs, CO, IEEE, March 2003.

[2] Cisco. "Cisco PIX Firewall Configuration White Paper (DOCID: 68815), http://www.cisco.com/warp/public/707/ezvpn-asa-svr-871-rem.pdf", Cisco Inc, 2006.

[3] E. S. Al-Shaer and H. H. Hamed. "Discovery of Policy Anomalies in Distributed Firewalls." In Proceedings of 23rd IEEE Communications Society Conference (INFOCOM), Hong Kong, IEEE, March 2004.

[4] P. M. Dung (1995). "On the acceptability of arguments and its fundamental role in nonmonotonic reasoning, logic programming and n-person games." Artificial Intelligence(77): 321-357, 1995. [OpenAIRE]

[5] A. Bondarenko, P. M. Dung, R. A. Kowalski, and F. Toni (1997). "An abstract argumentation theoretic approach to default reasoning." Artificial Intelligence 93: 63-101, 1997. [OpenAIRE]

[6] A. Kakas, P. Mancerella, and P. M. Dung. "The acceptability semantics for logic programs." In Proceedings of 11th International Conference on Logic Programming, Santa Marherita Ligure, Italy, 1994. [OpenAIRE]

[7] H. Prakken and G. Sartor. "A system for defeasible argumentation, with defeasible priorities." In Proceedings of International Conference on Formal and Applied Practical Reasoning, Springer-Verlag, LNAI 1085, 1996. [OpenAIRE]

[8] Gorgias. "Argumentation and Abduction, http://www2.cs.ucy.ac.cy/~nkd/gorgias/",

[9] Y. Dimopoulos, B. Nebel, and F. Toni (2002). "On the Computational Complexity of Assumption-based Argumentation for Default Reasoning." Artificial Intelligence 141: 57- 78, 2002. [OpenAIRE]

[10] A. Mayer, A. Wool, and E. Ziskind (2006). "Offline firewall analysis." International Journal on Information Security 5(3): 125-144, 2006.

  • BIP!
    Impact byBIP!
    citations
    This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 43
    popularity
    This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
    		 Average
    influence
    This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 Average
    impulse
    This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
    		 Average
    OpenAIRE UsageCounts
    Usage byUsageCounts
    visibility views 0
    download downloads 60
  • citations
    This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 43
    popularity
    This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
    		 Average
    influence
    This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
    		 Average
    impulse
    This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
    		 Average
    Powered byBIP!BIP!
  • 60
    downloads
    Powered byOpenAIRE UsageCounts
Powered by OpenAIRE graph
Found an issue? Give us feedback
download
citations
This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Citations provided by BIP!
popularity
This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.
BIP!Popularity provided by BIP!
influence
This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).
BIP!Influence provided by BIP!
impulse
This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.
BIP!Impulse provided by BIP!
downloads
OpenAIRE UsageCountsDownloads provided by UsageCounts
43
Average
Average
Average
60
Metrics badge
more

Do the share buttons not appear? Please make sure, any blocking addon is disabled, and then reload the page.