S-VPN gateways are today core elements in network security infrastructure. As networks and services become more complex, managing IPSec access rules becomes an error-prone task. Conflicts in a policy can cause holes in security, and often they can be hard to find when performing only visual or manual inspection. We have defined firstly a methodology to systematically classify the severity of rule conflicts and secondly we have proposed two different solutions to automatically resolve conflicts in an access list, implementing and testing one of them.

S-VPN policy: Access list conflict automatic analysis and resolution / Simone, Ferraresi; Stefano, Pesic; Livia, Trazza; Baiocchi, Andrea. - (2006), pp. 266-274. (Intervento presentato al convegno 8th Annual Information Security Solutions Europe Conference, ISSE 2006 tenutosi a Rome; Italy nel 10 October 2006 through 12 October 2006) [10.1007/978-3-8348-9195-2_29].

S-VPN policy: Access list conflict automatic analysis and resolution

BAIOCCHI, Andrea
2006

Abstract

S-VPN gateways are today core elements in network security infrastructure. As networks and services become more complex, managing IPSec access rules becomes an error-prone task. Conflicts in a policy can cause holes in security, and often they can be hard to find when performing only visual or manual inspection. We have defined firstly a methodology to systematically classify the severity of rule conflicts and secondly we have proposed two different solutions to automatically resolve conflicts in an access list, implementing and testing one of them.
2006
8th Annual Information Security Solutions Europe Conference, ISSE 2006
access lists; access rules; automatic analysis; core elements; error prones; manual inspection; rule conflict
04 Pubblicazione in atti di convegno::04b Atto di convegno in volume
S-VPN policy: Access list conflict automatic analysis and resolution / Simone, Ferraresi; Stefano, Pesic; Livia, Trazza; Baiocchi, Andrea. - (2006), pp. 266-274. (Intervento presentato al convegno 8th Annual Information Security Solutions Europe Conference, ISSE 2006 tenutosi a Rome; Italy nel 10 October 2006 through 12 October 2006) [10.1007/978-3-8348-9195-2_29].
File allegati a questo prodotto
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/203626
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? ND
social impact