Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration

Detalhes bibliográficos
Autor(a) principal: Marinho Queiróz, Leandro Meira [UNESP]
Data de Publicação: 2022
Outros Autores: Garcia, Rogério Eduardo [UNESP], Eler, Danilo Medeiros [UNESP], Messias Correia, Ronaldo Celso [UNESP]
Tipo de documento: Artigo de conferência
Idioma: por
Título da fonte: Repositório Institucional da UNESP
Texto Completo: http://dx.doi.org/10.23919/CISTI54924.2022.9820578
http://hdl.handle.net/11449/241419
Resumo: Companies store increasing amounts of data, requiring the implementation of mechanisms to protect them from malicious people. There are techniques and procedures that aim to increase the security of computer systems, such as network protection services, firewalls. They are intended to filter packets that enter and leave a network. Its settings depend on security policies, which consist of documents that describe what is allowed to travel on the network and what is prohibited. The transcription of security policies into rules, written in native firewall language, that represent them, is the main source of errors in firewall configurations. In this work, concepts related to security between networks and firewalls are presented. Related works on security policies and their translations into firewall rules are also referenced. Furthermore, the developed tool, named Fireasy, is presented, which allows the modeling of security policies through graphic elements, and the maintenance of rules written in native firewall language, also representing them in graphic elements. Finally, a controlled experiment was conducted to validate the approach, which indicated, in addition to the correct functioning of the tool, an improvement in the translation of security policies into firewall rules using the tool. In the task of understanding firewall rules, there was a homogenization of the participants' performance when they used the tool.
id UNSP_8c752a70eb19833e95be2cfba610bbef
oai_identifier_str oai:repositorio.unesp.br:11449/241419
network_acronym_str UNSP
network_name_str Repositório Institucional da UNESP
repository_id_str 2946
spelling Fireasy: a tool to aid security policy modeling, translation and understanding firewall configurationFireasy: uma ferramenta para auxílio na modelagem de políticas de segurança, tradução e compreensão de configurações de firewallsFirewalFirewall rules visualizationPacketFilterSecurity policiesSPML2Companies store increasing amounts of data, requiring the implementation of mechanisms to protect them from malicious people. There are techniques and procedures that aim to increase the security of computer systems, such as network protection services, firewalls. They are intended to filter packets that enter and leave a network. Its settings depend on security policies, which consist of documents that describe what is allowed to travel on the network and what is prohibited. The transcription of security policies into rules, written in native firewall language, that represent them, is the main source of errors in firewall configurations. In this work, concepts related to security between networks and firewalls are presented. Related works on security policies and their translations into firewall rules are also referenced. Furthermore, the developed tool, named Fireasy, is presented, which allows the modeling of security policies through graphic elements, and the maintenance of rules written in native firewall language, also representing them in graphic elements. Finally, a controlled experiment was conducted to validate the approach, which indicated, in addition to the correct functioning of the tool, an improvement in the translation of security policies into firewall rules using the tool. In the task of understanding firewall rules, there was a homogenization of the participants' performance when they used the tool.Departamento de Matemática e Computação Universidade Estadual Paulista (Unesp), Presidente Prudente-SPDepartamento de Matemática e Computação Universidade Estadual Paulista (Unesp), Presidente Prudente-SPUniversidade Estadual Paulista (UNESP)Marinho Queiróz, Leandro Meira [UNESP]Garcia, Rogério Eduardo [UNESP]Eler, Danilo Medeiros [UNESP]Messias Correia, Ronaldo Celso [UNESP]2023-03-01T21:01:45Z2023-03-01T21:01:45Z2022-01-01info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/conferenceObjecthttp://dx.doi.org/10.23919/CISTI54924.2022.9820578Iberian Conference on Information Systems and Technologies, CISTI, v. 2022-June.2166-07352166-0727http://hdl.handle.net/11449/24141910.23919/CISTI54924.2022.98205782-s2.0-85134832662Scopusreponame:Repositório Institucional da UNESPinstname:Universidade Estadual Paulista (UNESP)instacron:UNESPporIberian Conference on Information Systems and Technologies, CISTIinfo:eu-repo/semantics/openAccess2023-03-01T21:01:51Zoai:repositorio.unesp.br:11449/241419Repositório InstitucionalPUBhttp://repositorio.unesp.br/oai/requestopendoar:29462023-03-01T21:01:51Repositório Institucional da UNESP - Universidade Estadual Paulista (UNESP)false
dc.title.none.fl_str_mv Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration
Fireasy: uma ferramenta para auxílio na modelagem de políticas de segurança, tradução e compreensão de configurações de firewalls
title Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration
spellingShingle Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration
Marinho Queiróz, Leandro Meira [UNESP]
Firewal
Firewall rules visualization
PacketFilter
Security policies
SPML2
title_short Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration
title_full Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration
title_fullStr Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration
title_full_unstemmed Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration
title_sort Fireasy: a tool to aid security policy modeling, translation and understanding firewall configuration
author Marinho Queiróz, Leandro Meira [UNESP]
author_facet Marinho Queiróz, Leandro Meira [UNESP]
Garcia, Rogério Eduardo [UNESP]
Eler, Danilo Medeiros [UNESP]
Messias Correia, Ronaldo Celso [UNESP]
author_role author
author2 Garcia, Rogério Eduardo [UNESP]
Eler, Danilo Medeiros [UNESP]
Messias Correia, Ronaldo Celso [UNESP]
author2_role author
author
author
dc.contributor.none.fl_str_mv Universidade Estadual Paulista (UNESP)
dc.contributor.author.fl_str_mv Marinho Queiróz, Leandro Meira [UNESP]
Garcia, Rogério Eduardo [UNESP]
Eler, Danilo Medeiros [UNESP]
Messias Correia, Ronaldo Celso [UNESP]
dc.subject.por.fl_str_mv Firewal
Firewall rules visualization
PacketFilter
Security policies
SPML2
topic Firewal
Firewall rules visualization
PacketFilter
Security policies
SPML2
description Companies store increasing amounts of data, requiring the implementation of mechanisms to protect them from malicious people. There are techniques and procedures that aim to increase the security of computer systems, such as network protection services, firewalls. They are intended to filter packets that enter and leave a network. Its settings depend on security policies, which consist of documents that describe what is allowed to travel on the network and what is prohibited. The transcription of security policies into rules, written in native firewall language, that represent them, is the main source of errors in firewall configurations. In this work, concepts related to security between networks and firewalls are presented. Related works on security policies and their translations into firewall rules are also referenced. Furthermore, the developed tool, named Fireasy, is presented, which allows the modeling of security policies through graphic elements, and the maintenance of rules written in native firewall language, also representing them in graphic elements. Finally, a controlled experiment was conducted to validate the approach, which indicated, in addition to the correct functioning of the tool, an improvement in the translation of security policies into firewall rules using the tool. In the task of understanding firewall rules, there was a homogenization of the participants' performance when they used the tool.
publishDate 2022
dc.date.none.fl_str_mv 2022-01-01
2023-03-01T21:01:45Z
2023-03-01T21:01:45Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/conferenceObject
format conferenceObject
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://dx.doi.org/10.23919/CISTI54924.2022.9820578
Iberian Conference on Information Systems and Technologies, CISTI, v. 2022-June.
2166-0735
2166-0727
http://hdl.handle.net/11449/241419
10.23919/CISTI54924.2022.9820578
2-s2.0-85134832662
url http://dx.doi.org/10.23919/CISTI54924.2022.9820578
http://hdl.handle.net/11449/241419
identifier_str_mv Iberian Conference on Information Systems and Technologies, CISTI, v. 2022-June.
2166-0735
2166-0727
10.23919/CISTI54924.2022.9820578
2-s2.0-85134832662
dc.language.iso.fl_str_mv por
language por
dc.relation.none.fl_str_mv Iberian Conference on Information Systems and Technologies, CISTI
dc.rights.driver.fl_str_mv info:eu-repo/semantics/openAccess
eu_rights_str_mv openAccess
dc.source.none.fl_str_mv Scopus
reponame:Repositório Institucional da UNESP
instname:Universidade Estadual Paulista (UNESP)
instacron:UNESP
instname_str Universidade Estadual Paulista (UNESP)
instacron_str UNESP
institution UNESP
reponame_str Repositório Institucional da UNESP
collection Repositório Institucional da UNESP
repository.name.fl_str_mv Repositório Institucional da UNESP - Universidade Estadual Paulista (UNESP)
repository.mail.fl_str_mv
_version_ 1799964425744023552