%0 Conference Proceedings
%T Handling Stateful Firewall Anomalies
%+ Département Logique des Usages, Sciences sociales et Sciences de l'Information (LUSSI)
%+ Lab-STICC_TB_CID_SFIIS
%A Cuppens, Frédéric
%A Cuppens-Boulahia, Nora
%A Garcia Alfaro, Joaquin
%A Moataz, Tarik
%A Rimasson, Xavier
%Z Part 4: Access Control
%< avec comité de lecture
%Z 12353
%( IFIP Advances in Information and Communication Technology
%B 27th Information Security and Privacy Conference (SEC)
%C Heraklion, Greece
%Y Dimitris Gritzalis
%Y Steven Furnell
%Y Marianthi Theoharidou
%I Springer
%3 Information Security and Privacy Research
%V AICT-376
%P 174-186
%8 2012-06-04
%D 2012
%R 10.1007/978-3-642-30436-1_15
%K Firewalls
%K Misconfiguration
%K Network Access Control
%Z Computer Science [cs]
%Z Computer Science [cs]/Cryptography and Security [cs.CR]Conference papers
%X A security policy consists of a set of rules designed to protect an information system. To ensure this protection, the rules must be deployed on security components in a consistent and non-redundant manner. Unfortunately, an empirical approach is often adopted by network administrators, to the detriment of theoretical validation. While the literature on the analysis of configurations of first generation (stateless) firewalls is now rich, this is not the case for second and third generation firewalls, also known as stateful firewalls. In this paper, we address this limitation, and provide solutions to analyze and handle stateful firewall anomalies and misconfiguration.
%G English
%2 https://hal.science/hal-00737170/document
%2 https://hal.science/hal-00737170/file/sec12-preprint.pdf
%L hal-00737170
%U https://hal.science/hal-00737170
%~ UNIV-BREST
%~ INSTITUT-TELECOM
%~ CNRS
%~ UNIV-UBS
%~ TELECOM-BRETAGNE
%~ ENIB
%~ LAB-STICC_ENIB
%~ IFIP
%~ IFIP-AICT
%~ LAB-STICC
%~ IFIP-TC
%~ IFIP-TC11
%~ IFIP-SEC
%~ LAB-STICC_TB
%~ IFIP-AICT-376
%~ IMTA_LUSSI
%~ LAB-STICC_IMTA
%~ IMT-ATLANTIQUE
%~ INSTITUTS-TELECOM