%0 Conference Proceedings
%T Reasoning About Firewall Policies Through Refinement and Composition
%+ University College Cork (UCC)
%A Neville, Ultan
%A Foley, Simon, N.
%Z Part 6: Reasoning about Security and its Cost
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 30th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec)
%C Trento, Italy
%Y Silvio Ranise
%Y Vipin Swarup
%I Springer International Publishing
%3 Data and Applications Security and Privacy XXX
%V LNCS-9766
%P 268-284
%8 2016-07-18
%D 2016
%R 10.1007/978-3-319-41483-6_19
%K Firewalls
%K Algebra
%K iptables
%K Anomalies
%K Policy-composition
%Z Computer Science [cs]Conference papers
%X An algebra is proposed for constructing and reasoning about anomaly-free firewall policies. Based on the notion of refinement as safe replacement, the algebra provides operators for sequential composition, union and intersection of policies. The algebra is used to specify and reason about iptables firewall policy configurations. A prototype policy management toolkit has been implemented.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-01633676/document
%2 https://inria.hal.science/hal-01633676/file/428203_1_En_19_Chapter.pdf
%L hal-01633676
%U https://inria.hal.science/hal-01633676
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-9766