To Provide An Innovative Policy Anomaly Management Framework For Firewalls
Journal Title: International Journal of Science Engineering and Advance Technology - Year 2014, Vol 2, Issue 12
Abstract
Firewalls have been widely organized on the Internet for securing private networks. A firewall checks each incoming or outgoing packet to choose whether to accept or discard the packet based on its policy. Optimizing firewall policies is vital for improving network performance. In this paper we propose the first cross-domain privacy-preserving cooperative firewall policy optimization protocol. Specifically for any two adjacent firewalls belonging to two different administrative domains our protocol can recognize in each firewall the rules that can be removed because of the other firewall. The optimization process involves cooperative computation between the two firewalls without any party disclosing its policy to the other. Firewalls are significant in securing private networks of businesses, institutions and home networks. A firewall is frequently placed at the entry between a private network and the external network so that it can ensure each incoming or outgoing packet and choose whether to accept or abandon the packet based on its policy. A firewall policy is typically specified as a sequence of rules called Access Control List (ACL) and each rule has a predicate over multiple packet header fields i.e., source IP, destination IP, source port, destination port, and protocol type and a decision i.e., accept and discard for the packets that counterpart the predicate. In this paper we recommend the first cross-domain privacypreserving cooperative firewall policy optimization protocol.
Authors and Affiliations
Subha Sree Mallela| Department of Computer Science And Engineering Akula Sree Ramulu Institute of Engineering and Technology, Prathipadu, Tadepalligudem, A.P, India, subhasree.mallela@gmail.com, M M Bala Krishna| Department of Computer Science And Engineering Akula Sree Ramulu Institute of Engineering and Technology, Prathipadu, Tadepalligudem, A.P, India, balu_522@yahhoo.co.in, KTV Subba Rao| Department of Computer Science And Engineering Akula Sree Ramulu Institute of Engineering and Technology, Prathipadu, Tadepalligudem, A.P, India, ogidi@rediffmail.com
Keywords
Related Articles
- EP ID EP16414
- DOI -
- Views 340
- Downloads 24
Fuzzy logic controller based DC-Link Voltage Self-Balance Method for Multilevel Converter with less Number of Voltage Sensors
In many inverters, Voltage balance of dclink capacitors is very important for applications of a cascade multilevel converter or a modular multilevel converter. In this paper, a novel diode-clamped modular multilevel c...
Extermination of DDoS Attack By Software Puzzle System
DoS/DDoS attaacks are among the genuine risks to computerized security, and client confound, which asks for a client to perform computationally costly operations before being surrendered organizations from a server,...
Genetically Optimized Pre coders Transceiver Design for Double STBC System
Wireless communications depends on multiple-inputmultiple-output (MIMO) techniques for high data rates. Feedback of channel information can be used in precoding to use the strongest channel mode and improve MIMO perfor...
Real Time Automatic Number Plate Recognition Using Morphological Algorithm
The rising increase of up to date urban and national road networks over the last three decades become known the need of capable monitoring and management of road traffic. Expected techniques for traffic measurements,...
BESS based Multi input inverter for Grid connected hybrid pv and wind power system
This paper proposes BESS based multi input inverter for grid connected hybrid PV and wind power system. This system will simplify the power system and reduce the cost. The proposed system consists of a battery system...