Using Argumentation Logic for Firewall Policy Specification and Analysis

Bandara, Arosha K.; Kakas, Antonis C.; Lupu, Emil; Russo, Alessandra

doi:10.1007/11907466_16

Cited by 42 publications

(24 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…This is observed by Hari et al (2000), Hamed (2003, 2004a,b), Al-Shaer et al (2005) and Bandara et al (2006b), as the algorithms developed depend on some sort of implicit knowledge of the target managed system, for example, that the policies are ordered and only one in a set is enforced. This approach can be very ecient for centralised applications, but may not scale to distributed systems without augmenting the algorithms .…”

Section: Discussionmentioning

confidence: 90%

See 1 more Smart Citation

On harnessing information models and ontologies for policy conflict analysis

Davy

Jennings

Strassner

2009

2009 IFIP/IEEE International Symposium on Integrated Network Management

View full text Add to dashboard Cite

Section: Discussionmentioning

confidence: 90%

“…Another approach to the problem, proposed by Bandara et al (2006b), is to encode the rewall policies into a logic programming language and to use AI techniques to search for policy anomalies. They represent a rewall policy as a logic statement in Prolog (a logic programming language).…”

Section: Language Based Policy Conict Analysismentioning

confidence: 99%

On harnessing information models and ontologies for policy conflict analysis

Davy

Jennings

Strassner

2009

2009 IFIP/IEEE International Symposium on Integrated Network Management

View full text Add to dashboard Cite

“…It relieves the network administrators and help to automate the management tasks. In [15] and [16] ontologies are applied to describe the network policies such as firewall policies. Management of complex 5G networks using ontologies is proposed in [17].…”

Section: Ontology-based Network Managementmentioning

confidence: 99%

An ontology-based Plug-and-Play approach for in-vehicle Time-Sensitive Networking (TSN)

Farzaneh

Knoll

2016

2016 IEEE 7th Annual Information Technology, Electronics and Mobile Communication Conference (IEMCON)

View full text Add to dashboard Cite

Abstract-Time-Sensitive Networking (TSN) standards aim to support hard real-time communication with minimum latency based on Ethernet technology. They can also support the automotive domain considering upcoming and challenging application requirements in intelligent vehicles of the future. Despite all advantages, Time-Aware Shaper (TAS), a significant feature of TSN, increases the network configuration overhead. This configuration is required to guarantee deterministic network behavior. In this paper, an ontology-based approach is presented that extends TSN capabilities regarding Plug-and-Play and automatic network configuration. The developed ontology meta-models can be used by automotive experts (e.g. network designers or engineers) to design a concrete in-vehicle network based on TSN including knowledge that is required for automatic configuration.

show abstract

“…[8] described a technique based on Argumentation for Logic Programming with Priorities, allowing administrators to use high-level abstractions in specifying their network security requirements. In [9], this work was extended to automatically generate firewall policies from higher-level requirements; and in previous work, we [6,42] have discussed how to use argumentation to handle firewall anomalies and, more generally, to address cyber-security.…”

Section: Related Workmentioning

confidence: 99%

Firewall configuration: An application of multiagent metalevel argumentation

Applebaum

Levitt

et al. 2016

AAC

View full text Add to dashboard Cite

Abstract. Firewalls are an important tool in the assurance of network security. Packet filtering firewalls are configured by providing a set of rules that identify how to handle individual data packets that arrive at the firewall. In large firewall configurations, conflicts may arise between these rules. Argumentation provides a way of handling conflicts such that their origin is illuminated, and hence can help a system administrator understand the effects of a given configuration. To show how argumentation might help in this domain we examine the use of a system of metalevel argumentation for firewall configuration, showing how it makes conflicts and their origins clear, and showing how different instantiations of a metalevel argumentation system provide alternative ways to resolve conflicts.

show abstract

Using Argumentation Logic for Firewall Policy Specification and Analysis

Cited by 42 publications

References 9 publications

On harnessing information models and ontologies for policy conflict analysis

On harnessing information models and ontologies for policy conflict analysis

An ontology-based Plug-and-Play approach for in-vehicle Time-Sensitive Networking (TSN)

Firewall configuration: An application of multiagent metalevel argumentation

Contact Info

Product

Resources

About