Beiträge in Tagungsbänden:
C. Bodei, P. Degano, R. Focardi, L. Galletta, M. Tempesta:
"Transcompiling Firewalls";
in: "Principles of Security and Trust: 7th International Conference, POST 2018 Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2018 Thessaloniki, Greece, April 14-20, 2018, Proceedings",
LNCS 10804;
herausgegeben von: ETAPS;
Springer International Publishing AG,
Cham,
2018,
ISBN: 978-3-319-89721-9,
S. 303
- 324.
Kurzfassung englisch:
Porting a policy from a firewall system to another is a difficult and error prone task. Indeed, network administrators have to know in detail the policy meaning, as well as the internals of the firewall systems and of their languages. Equally difficult is policy maintenance and refactoring, e.g., removing useless or redundant rules. In this paper, we present a transcompiling pipeline that automatically tackles both problems: it can be used to port a policy into an equivalent one, when the target firewall language is different from the source one; when the two languages coincide, transcompiling supports policy maintenance and refactoring. Our transcompiler and its correctness are based on a formal intermediate firewall language that we endow with a formal semantics.
"Offizielle" elektronische Version der Publikation (entsprechend ihrem Digital Object Identifier - DOI)
http://dx.doi.org/10.1007/978-3-319-89722-6
Elektronische Version der Publikation:
https://publik.tuwien.ac.at/files/publik_279119.pdf
Erstellt aus der Publikationsdatenbank der Technischen Universität Wien.