Joaquin Garcia Alfaro scite author profile

Joaquin Garcia Alfaro

3Publications

95Citation Statements Received

71Citation Statements Given

How they've been cited

148

How they cite others

Affiliations

Open University of Catalonia, National Institute of Advanced Technologies of Brittany

Publications

Order By: Most citations

Complete analysis of configuration rules to guarantee reliable network security policies

Alfaro

Boulahia-Cuppens

Cuppens

2007

Int. J. Inf. Secur.

View full text Add to dashboard Cite

The use of different network security components, such as firewalls and network intrusion detection systems (NIDSs), is the dominant method to monitor and guarantee the security policy in current corporate networks. To properly configure these components, it is necessary to use several sets of security rules. Nevertheless, the existence of anomalies between those rules, particularly in distributed multi-component scenarios, is very likely to degrade the network security policy. The discovery and removal of these anomalies is a serious and complex problem to solve. In this paper, we present a complete set of mechanisms for such a management.Keywords Network Security · Firewalls · Intrusion Detection Systems · Policy Anomalies IntroductionGenerally, once a security administrator has specified a security policy, he or she aims to enforce it in the information system to be protected. This enforcement consists in distributing the security rules expressed in this policy over different security components of the information system -such as firewalls, intrusion detection systems (IDSs), intrusion prevention systems (IPSs), proxies, etc. -both at application, system, and network level. This implies cohesion of the security functions supplied by these components. In other words, security rules deployed over the different components must be consistent, not redundant and, as far as possible, optimal.

show abstract

Analysis of Policy Anomalies on Distributed Network Security Setups

Alfaro

Cuppens

Cuppens-Boulahia

2006

View full text Add to dashboard Cite

The use of different network security components, such as firewalls and network intrusion detection systems (NIDSs), is the dominant method to survey and guarantee the security policy in current corporate networks. On the one hand, firewalls are traditional security components which provide means to filter traffic within corporate networks, as well as to police the incoming and outcoming interaction with the Internet. On the other hand, NIDSs are complementary security components used to enhance the visibility level of the network, pointing to malicious or anomalous traffic. To properly configure both firewalls and NIDSs, it is necessary to use several sets of filtering and alerting rules. Nevertheless, the existence of anomalies between those rules, particularly in distributed multi-component scenarios, is very likely to degrade the network security policy. The discovering and removal of these anomalies is a serious and complex problem to solve. In this paper, we present a set of algorithms for such a management.

show abstract

Secure Localization of Nodes in Wireless Sensor Networks with Limited Number of Truth Tellers

Alfaro

Barbeau

Kranakis

2009

View full text Add to dashboard Cite

We provide in this paper three algorithms that enable the sensor nodes of a Wireless Sensor Network (WSN) to determine their location in presence of neighbor sensors that may lie about their position. Our algorithms minimize the number of trusted nodes required by regular nodes to complete their process of localization. The algorithms always work for a given number of neighbors provided that the number of liars is below a certain threshold value, which is also determined.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.