A framework for firewalls policy representativeness testing based on classification and reversible metrics Online publication date: Tue, 16-Aug-2016
by Kamel Karoui; Fakher Ben Ftima; Henda Ben Ghezala
International Journal of Security and Networks (IJSN), Vol. 11, No. 3, 2016
Abstract: Network's security organisation and management is a hard and complex task. This is due to the diversity of security components and activities such as security policy specification, anomalies detection, vulnerability assessment, etc. In this paper, we propose to organise and gather these activities in a unique framework called network security life-cycle. Security components, especially firewalls, deployment should respect the network security life-cycle. It is necessary to check that the firewalls policy's state or quality is accurately representative of all deployed firewalls. This activity is based on a set of individual metrics that allow us to evaluate and classify the security policy and firewalls according to the accurately implemented rules. Those metrics are gathered and classified to provide a unique reversible representativeness metric. In case of bad representative metric value, we can use the reversible metric to find back the individual metrics classifications and then detect the cause of this deficiency.
Online publication date: Tue, 16-Aug-2016
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Security and Networks (IJSN):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email firstname.lastname@example.org