Firewall Design and Analysis.
Title:
Firewall Design and Analysis.
Author:
Liu, Alex X.
ISBN:
9789814261661
Personal Author:
Physical Description:
1 online resource (250 pages)
Series:
Computer and Network Security
Contents:
Contents -- Preface -- Chapter 1 Prologue -- 1.1 Background and Motivation -- 1.2 Previous Work -- 1.2.1 Previous Work on Firewall Design -- 1.2.2 Previous Work on Firewall Analysis -- 1.3 Contributions of the Book -- 1.3.1 Structured Firewall Design -- 1.3.2 Diverse Firewall Design -- 1.3.3 Stateful Firewall Model -- 1.3.4 Firewall Queries -- 1.3.5 Firewall Redundancy Detection -- 1.4 Overview of the Book -- Chapter 2 Structured Firewall Design -- 2.1 Motivation -- 2.1.1 Consistency, Completeness and Compactness -- 2.1.2 Structured Firewall Design -- 2.2 Firewall Decision Diagrams -- 2.3 FDD Reduction -- 2.4 FDD Marking -- 2.5 Firewall Generation -- 2.6 Firewall Compaction -- 2.7 Firewall Simplification -- Chapter 3 Diverse Firewall Design -- 3.1 Construction Algorithm -- 3.2 Shaping Algorithm -- 3.2.1 FDD Simplifying -- 3.2.2 Node Shaping -- 3.2.3 FDD Shaping -- 3.3 Comparison Algorithm -- 3.4 Experimental Results -- Chapter 4 Stateful Firewall Model -- 4.1 Firewall Model -- 4.2 Firewall Examples -- 4.2.1 Example I: Tracking Outgoing Packets -- 4.2.2 Example II: Tracking FTP Ptotocol -- 4.3 Removing Packets from Firewall State -- 4.4 Firewall States -- 4.4.1 Truly Stateful and Truly Stateless Firewalls -- 4.4.2 Stateless Derivatives -- 4.5 Firewall Properties -- 4.5.1 Conforming Firewalls -- 4.5.2 Proper Firewalls -- Chapter 5 Firewall Queries -- 5.1 Structured Firewall Query Language -- 5.1.1 Firewalls -- 5.1.2 Query Language -- 5.2 Firewall Query Examples -- 5.3 Firewall Query Processing -- 5.4 FDT-based Firewall Query Processing Algorithm -- 5.5 Experimental Results -- Chapter 6 Firewall Redundancy Detection -- 6.1 Firewall Redundant Rules -- 6.2 Removing Upward Redundancy -- 6.3 Removing Downward Redundancy -- 6.4 Experimental Results -- Chapter 7 Epilogue -- 7.1 Conclusions -- Acknowledgments -- Bibliography -- Index.
Abstract:
This unique book represents the first rigorous and comprehensive study of firewall policy design and analysis. Firewalls are the most critical and widely deployed intrusion prevention systems. Designing new firewall policies and analyzing existing firewall policies have been difficult and error-prone. This book presents scientifically sound and practically useful methods for designing and analyzing firewall policies. This book is useful to a variety of readers. First, it can be used as a handbook for network/firewall administrators and network security professionals. Second, it can be used as an advanced textbook for graduate students and senior undergraduate students in computer science and engineering. Third, it is also suitable for non-experts in network security who wish to understand more about firewalls. The presentation of the book is detailed enough to capture the interest of curious readers, and complete enough to provide the necessary background material needed to delve further into the subject of firewalls and network security.
Local Note:
Electronic reproduction. Ann Arbor, Michigan : ProQuest Ebook Central, 2017. Available via World Wide Web. Access may be limited to ProQuest Ebook Central affiliated libraries.
Subject Term:
Genre:
Electronic Access:
Click to View