To Provide An Innovative Policy Anomaly Management Framework For Firewalls
Journal Title: International Journal of Science Engineering and Advance Technology - Year 2014, Vol 2, Issue 12
Abstract
Firewalls have been widely organized on the Internet for securing private networks. A firewall checks each incoming or outgoing packet to choose whether to accept or discard the packet based on its policy. Optimizing firewall policies is vital for improving network performance. In this paper we propose the first cross-domain privacy-preserving cooperative firewall policy optimization protocol. Specifically for any two adjacent firewalls belonging to two different administrative domains our protocol can recognize in each firewall the rules that can be removed because of the other firewall. The optimization process involves cooperative computation between the two firewalls without any party disclosing its policy to the other. Firewalls are significant in securing private networks of businesses, institutions and home networks. A firewall is frequently placed at the entry between a private network and the external network so that it can ensure each incoming or outgoing packet and choose whether to accept or abandon the packet based on its policy. A firewall policy is typically specified as a sequence of rules called Access Control List (ACL) and each rule has a predicate over multiple packet header fields i.e., source IP, destination IP, source port, destination port, and protocol type and a decision i.e., accept and discard for the packets that counterpart the predicate. In this paper we recommend the first cross-domain privacypreserving cooperative firewall policy optimization protocol.
Authors and Affiliations
Subha Sree Mallela| Department of Computer Science And Engineering Akula Sree Ramulu Institute of Engineering and Technology, Prathipadu, Tadepalligudem, A.P, India, subhasree.mallela@gmail.com, M M Bala Krishna| Department of Computer Science And Engineering Akula Sree Ramulu Institute of Engineering and Technology, Prathipadu, Tadepalligudem, A.P, India, balu_522@yahhoo.co.in, KTV Subba Rao| Department of Computer Science And Engineering Akula Sree Ramulu Institute of Engineering and Technology, Prathipadu, Tadepalligudem, A.P, India, ogidi@rediffmail.com
Keywords
Related Articles
- EP ID EP16414
- DOI -
- Views 312
- Downloads 24
Design Evaluation and Analysis of Vapor Compression Cooling Cycle With Change In Span of Condenser
Refrigeration is a procedure of moving warmth starting with one area then onto the next in controlled conditions. This procedure is customarily determined by mechanical energy, however can likewise be driven by provi...
Cloud computing services have turned into the worldview of vast scale framework where a provider gives shared virtual computing and storage assets to a customer. The service provider infrastructure converts into cost...
Radiaton Pattern Reconfiguration Using Parasitic Elements
A parasitic surface based reconfiguration technique for microstrip antenna beam steering has been presented and discussed in this paper. This concept can be used in reconfigurable antennas without additional modifica...
Maximum Data Rate Determination of a Telephone Transmission Channel
The transmission channel is a medium that transfers the information from the source to the destination. So many forms of media are available; some of them are pair of wires, a coaxial cable, a radio path, or an optic...
Enhanced Reroute Integrity Checking Algorithm For Data Transmission In WSN
Applications running on the same Wireless Sensor Network (WSN) stage as a rule have distinctive Quality of Service (QoS) necessities. Two key necessities are low deferment and high data respectability. Regardless, a...