文章基本信息

标题：Enhancement Misconfiguration Management of Network Security Components Using Range Algorithm
本地全文：下载
作者：Ahmed Farouk ; Hamdy N.Agiza ; Elsayed Radwan 等
期刊名称：International Journal of Computer Science and Network Security
印刷版ISSN：1738-7906
出版年度：2009
卷号：9
期号：6
页码：280-287
出版社：International Journal of Computer Science and Network Security
摘要：Many companies and organizations use firewalls to control the access to their network infrastructure. When processing packages, conflicts due to rule overlaps can occur within the filtering policy. To solve these conflicts most firewall implementation use a first matching strategy through the ordering of rules. This way each packet processed by the firewall is mapped to the decision of the rule with highest priority. This strategy introduces however new configuration errors such as shadowing of rules and redundancy lead to inaccurate results. In this paper new algorithm called range algorithm introduced to get the best case for solving conflict and shadowing problems. Also get result rules that is free inconsistency and finding rules that cause inconsistency.
关键词：Network Security; Firewalls; Redundancy and Shadowing of Rules; Conflict; and Range Algorithm