Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration
Autor(a) principal: | |
---|---|
Data de Publicação: | 2022 |
Outros Autores: | , , |
Tipo de documento: | Artigo de conferência |
Idioma: | por |
Título da fonte: | Repositório Institucional da UNESP |
Texto Completo: | http://dx.doi.org/10.23919/CISTI54924.2022.9820578 http://hdl.handle.net/11449/241419 |
Resumo: | Companies store increasing amounts of data, requiring the implementation of mechanisms to protect them from malicious people. There are techniques and procedures that aim to increase the security of computer systems, such as network protection services, firewalls. They are intended to filter packets that enter and leave a network. Its settings depend on security policies, which consist of documents that describe what is allowed to travel on the network and what is prohibited. The transcription of security policies into rules, written in native firewall language, that represent them, is the main source of errors in firewall configurations. In this work, concepts related to security between networks and firewalls are presented. Related works on security policies and their translations into firewall rules are also referenced. Furthermore, the developed tool, named Fireasy, is presented, which allows the modeling of security policies through graphic elements, and the maintenance of rules written in native firewall language, also representing them in graphic elements. Finally, a controlled experiment was conducted to validate the approach, which indicated, in addition to the correct functioning of the tool, an improvement in the translation of security policies into firewall rules using the tool. In the task of understanding firewall rules, there was a homogenization of the participants' performance when they used the tool. |
id |
UNSP_8c752a70eb19833e95be2cfba610bbef |
---|---|
oai_identifier_str |
oai:repositorio.unesp.br:11449/241419 |
network_acronym_str |
UNSP |
network_name_str |
Repositório Institucional da UNESP |
repository_id_str |
2946 |
spelling |
Fireasy: a tool to aid security policy modeling, translation and understanding firewall configurationFireasy: uma ferramenta para auxílio na modelagem de políticas de segurança, tradução e compreensão de configurações de firewallsFirewalFirewall rules visualizationPacketFilterSecurity policiesSPML2Companies store increasing amounts of data, requiring the implementation of mechanisms to protect them from malicious people. There are techniques and procedures that aim to increase the security of computer systems, such as network protection services, firewalls. They are intended to filter packets that enter and leave a network. Its settings depend on security policies, which consist of documents that describe what is allowed to travel on the network and what is prohibited. The transcription of security policies into rules, written in native firewall language, that represent them, is the main source of errors in firewall configurations. In this work, concepts related to security between networks and firewalls are presented. Related works on security policies and their translations into firewall rules are also referenced. Furthermore, the developed tool, named Fireasy, is presented, which allows the modeling of security policies through graphic elements, and the maintenance of rules written in native firewall language, also representing them in graphic elements. Finally, a controlled experiment was conducted to validate the approach, which indicated, in addition to the correct functioning of the tool, an improvement in the translation of security policies into firewall rules using the tool. In the task of understanding firewall rules, there was a homogenization of the participants' performance when they used the tool.Departamento de Matemática e Computação Universidade Estadual Paulista (Unesp), Presidente Prudente-SPDepartamento de Matemática e Computação Universidade Estadual Paulista (Unesp), Presidente Prudente-SPUniversidade Estadual Paulista (UNESP)Marinho Queiróz, Leandro Meira [UNESP]Garcia, Rogério Eduardo [UNESP]Eler, Danilo Medeiros [UNESP]Messias Correia, Ronaldo Celso [UNESP]2023-03-01T21:01:45Z2023-03-01T21:01:45Z2022-01-01info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/conferenceObjecthttp://dx.doi.org/10.23919/CISTI54924.2022.9820578Iberian Conference on Information Systems and Technologies, CISTI, v. 2022-June.2166-07352166-0727http://hdl.handle.net/11449/24141910.23919/CISTI54924.2022.98205782-s2.0-85134832662Scopusreponame:Repositório Institucional da UNESPinstname:Universidade Estadual Paulista (UNESP)instacron:UNESPporIberian Conference on Information Systems and Technologies, CISTIinfo:eu-repo/semantics/openAccess2023-03-01T21:01:51Zoai:repositorio.unesp.br:11449/241419Repositório InstitucionalPUBhttp://repositorio.unesp.br/oai/requestopendoar:29462023-03-01T21:01:51Repositório Institucional da UNESP - Universidade Estadual Paulista (UNESP)false |
dc.title.none.fl_str_mv |
Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration Fireasy: uma ferramenta para auxílio na modelagem de políticas de segurança, tradução e compreensão de configurações de firewalls |
title |
Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration |
spellingShingle |
Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration Marinho Queiróz, Leandro Meira [UNESP] Firewal Firewall rules visualization PacketFilter Security policies SPML2 |
title_short |
Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration |
title_full |
Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration |
title_fullStr |
Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration |
title_full_unstemmed |
Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration |
title_sort |
Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration |
author |
Marinho Queiróz, Leandro Meira [UNESP] |
author_facet |
Marinho Queiróz, Leandro Meira [UNESP] Garcia, Rogério Eduardo [UNESP] Eler, Danilo Medeiros [UNESP] Messias Correia, Ronaldo Celso [UNESP] |
author_role |
author |
author2 |
Garcia, Rogério Eduardo [UNESP] Eler, Danilo Medeiros [UNESP] Messias Correia, Ronaldo Celso [UNESP] |
author2_role |
author author author |
dc.contributor.none.fl_str_mv |
Universidade Estadual Paulista (UNESP) |
dc.contributor.author.fl_str_mv |
Marinho Queiróz, Leandro Meira [UNESP] Garcia, Rogério Eduardo [UNESP] Eler, Danilo Medeiros [UNESP] Messias Correia, Ronaldo Celso [UNESP] |
dc.subject.por.fl_str_mv |
Firewal Firewall rules visualization PacketFilter Security policies SPML2 |
topic |
Firewal Firewall rules visualization PacketFilter Security policies SPML2 |
description |
Companies store increasing amounts of data, requiring the implementation of mechanisms to protect them from malicious people. There are techniques and procedures that aim to increase the security of computer systems, such as network protection services, firewalls. They are intended to filter packets that enter and leave a network. Its settings depend on security policies, which consist of documents that describe what is allowed to travel on the network and what is prohibited. The transcription of security policies into rules, written in native firewall language, that represent them, is the main source of errors in firewall configurations. In this work, concepts related to security between networks and firewalls are presented. Related works on security policies and their translations into firewall rules are also referenced. Furthermore, the developed tool, named Fireasy, is presented, which allows the modeling of security policies through graphic elements, and the maintenance of rules written in native firewall language, also representing them in graphic elements. Finally, a controlled experiment was conducted to validate the approach, which indicated, in addition to the correct functioning of the tool, an improvement in the translation of security policies into firewall rules using the tool. In the task of understanding firewall rules, there was a homogenization of the participants' performance when they used the tool. |
publishDate |
2022 |
dc.date.none.fl_str_mv |
2022-01-01 2023-03-01T21:01:45Z 2023-03-01T21:01:45Z |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/conferenceObject |
format |
conferenceObject |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
http://dx.doi.org/10.23919/CISTI54924.2022.9820578 Iberian Conference on Information Systems and Technologies, CISTI, v. 2022-June. 2166-0735 2166-0727 http://hdl.handle.net/11449/241419 10.23919/CISTI54924.2022.9820578 2-s2.0-85134832662 |
url |
http://dx.doi.org/10.23919/CISTI54924.2022.9820578 http://hdl.handle.net/11449/241419 |
identifier_str_mv |
Iberian Conference on Information Systems and Technologies, CISTI, v. 2022-June. 2166-0735 2166-0727 10.23919/CISTI54924.2022.9820578 2-s2.0-85134832662 |
dc.language.iso.fl_str_mv |
por |
language |
por |
dc.relation.none.fl_str_mv |
Iberian Conference on Information Systems and Technologies, CISTI |
dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
eu_rights_str_mv |
openAccess |
dc.source.none.fl_str_mv |
Scopus reponame:Repositório Institucional da UNESP instname:Universidade Estadual Paulista (UNESP) instacron:UNESP |
instname_str |
Universidade Estadual Paulista (UNESP) |
instacron_str |
UNESP |
institution |
UNESP |
reponame_str |
Repositório Institucional da UNESP |
collection |
Repositório Institucional da UNESP |
repository.name.fl_str_mv |
Repositório Institucional da UNESP - Universidade Estadual Paulista (UNESP) |
repository.mail.fl_str_mv |
|
_version_ |
1799964425744023552 |