Abstract
The security of a distributed firewall depends to a large extent on the correct configuration of its filtering policy. Anomalies in the filtering policy can cause serious access vulnerabilities in the network protected by the distributed firewall system. To detect anomalies in the distributed firewall filtering policy automatically, the anomalies that may arise among the filtering rules on the filtering nodes of the distributed firewall system are classified and defined, and a model for detecting filtering policy anomalies is established. The model can detect the various anomalies among distributed firewall filtering rules, such as redundancy, conflict and incompleteness, thereby ensuring the integrity and consistency of the distributed firewall filtering policy.
Source
Computer Engineering and Design (《计算机工程与设计》)
CSCD
PKU Core (北大核心)
2006, Issue 22, pp. 4201-4203, 4206 (4 pages)
Funding
National High Technology Research and Development Program of China (863 Program), grant 2003AA146010
Keywords
distributed firewall
filtering policy
anomaly detection
filtering node
filtering rule