The 1st Workshop on Model-Based Verification & Validation Directed Acyclic Graph Modeling of Security Policies for Firewall Testing
Currently network security of institutions highly depend on firewalls, which are used to separate untrusted network from trusted one by enforcing security policies. Security policies used in firewalls are ordered set of rules where each rule is represented as a predicate and an action. This paper proposes modeling of firewall rules via directed acyclic graphs (DAG), from which test cases can be automatically generated for firewall testing. The approach proposed follows test case generation algorithm developed for event sequence graphs. Under a local area network setup with the aid of a specifically developed software for this purpose, generated test cases are converted to network test packets, test packets are sent to the firewall under test (FUT), and sent packets are compared with passed packets to determine test result.
Firewalls Firewall Policies Directed Acyclic Graphs Event Sequence Graphs Firewall Testing Security Testing
T. Tuglular O. Kaya C. A. Müftüoglu F. Belli
Department of Computer Engineering, Izmir Institute of Technology,Turkey Department of Computer Engineering, Izmir Institute of Technology, Turkey Department of Computer Science,Electrical Engineering and Mathematics,University of Paderborn,German
国际会议
上海
英文
393-398
2009-07-08(万方平台首次上网日期,不代表论文的发表时间)