|
|||||
|
|
| 分布式防火墙策略配置错误的分析与检测 | |
| 引用本文: | 王卫平,陈文惠,朱卫未,陈华平,杨杰. 分布式防火墙策略配置错误的分析与检测[J]. 中国科学院研究生院学报, 2007, 24(2): 257-265 |
| 作者姓名: | 王卫平 陈文惠 朱卫未 陈华平 杨杰 |
| 作者单位: | 1. 中国科学技术大学信息管理与决策科学系,合肥,230026 2. 江苏省公安厅信息中心,南京,210024 |
| 基金项目: | 国家高技术研究发展计划(863计划) |
| 摘 要: | 作为一种传统的信息安全技术,分布式防火墙发挥着非常重要的作用,同时,它也存在着一些问题。分布式防火墙策略经常会存在冲突,给企业带来了安全隐患。在讨论了防火墙规则的几种关系之后,给出了可能存在的策略配置错误,并给出了检测策略配置错误的算法,算法的仿真实验证明了算法的有效性和执行效率。最后,给出了需要进一步研究的方向。 |
| 关 键 词: | 防火墙 分布式 策略 规则冲突 算法 |
| 文章编号: | 1002-1175(2007)02-0257-09 |
| 修稿时间: | 2006-04-03 |
Analysis of distributed firewall policy configuration mistakes and their detection |
|
| WANG Wei-Ping,CHEN Wen-Hui,ZHU Wei-Wei,CHEN Hua-Ping,YANG Jie. Analysis of distributed firewall policy configuration mistakes and their detection[J]. Journal of the Graduate School of the Chinese Academy of Sciences, 2007, 24(2): 257-265 | |
| Authors: | WANG Wei-Ping CHEN Wen-Hui ZHU Wei-Wei CHEN Hua-Ping YANG Jie |
| Affiliation: | 1 School of Management, University of Science &; Technology of China, Hefei, 230026) 2 Information Center, Public Security Department of Jiangsu, Nanjing, 210024 |
| Abstract: | As a traditional information security technology(IST),distributed firewall is playing an important role but it has some problems.Conflicts always appear in distributed firewall policy,bringing the security menace.After discussions of some relations between the rules of firewall,this paper demonstrates the probable mistakes which might exist in policy configuration,and also introduces an algorithm of mistake-detecting about policy configuration.Finally,the direction of further research is also presented. |
| Keywords: | distributed firewall policy rule conflict algorithm |
| 本文献已被 CNKI 万方数据 等数据库收录! | |
| 点击此处可从《中国科学院研究生院学报》浏览原始摘要信息 | |
| 点击此处可从《中国科学院研究生院学报》下载全文 | |