中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/51604
English  |  正體中文  |  简体中文  |  全文笔数/总笔数 : 70548/70548 (100%)
造访人次 : 23124143      在线人数 : 345
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
  • 进阶搜寻


    jsp.display-item.identifier=請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/51604


    题名: A novel three-tiered visualization approach for firewall rule validation
    作者: Chao,CS;Yang,SJH
    贡献者: 資訊工程學系
    关键词: MANAGEMENT TOOLKIT;POLICIES;FIRMATO
    日期: 2011
    上传时间: 2012-03-27 18:57:15 (UTC+8)
    出版者: 國立中央大學
    摘要: Firewall is one of the most critical elements of the current Internet, which can protect the entire network against attacks and threats. While configuring the firewalls, rule configuration has to conform to, or say be consistent with, the demands of the network security policies such that the network security would not be flawed. For the security consistency, firewall rule editing, ordering, and distribution must be done very carefully on each of the cooperative firewalls, especially in a large-scale and multifirewall-equipped network. Nevertheless, a network operator is prone to incorrectly configure the firewalls because there are typically thousands or hundreds of filtering/admission rules (i.e., rules in the Access Control List file, or ACL for short), which could be set up in a firewall; not mentioning these rules among firewalls affect mutually and can make the matter worse. Under this situation, the network operator would hardly know his/her misconfiguration until the network functions beyond the expectation. For this reason, our work is to build a visualized validation system for facilitating the check of security consistency between the rule configuration of firewalls and the demands of network security policies. To do so, the developed validation system utilizes a three-tiered visualization hierarchy along with different compound viewpoints to provide users with a complete picture of firewalls and relationships among them for error debugging and anomaly removal. In addition, in this paper, we also enumerate the source of security inconsistency while setting ACLs and make use of it as a basis of the design of our visualization model. Currently, part of the firewall configuration of our campus network has been used as our system's input to demonstrate our system's implementation. (C) 2011 Elsevier Ltd. All rights reserved.
    關聯: JOURNAL OF VISUAL LANGUAGES AND COMPUTING
    显示于类别:[資訊工程學系] 期刊論文

    文件中的档案:

    档案 描述 大小格式浏览次数
    index.html0KbHTML330检视/开启


    在NCUIR中所有的数据项都受到原著作权保护.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 回馈  - 隱私權政策聲明