When Firewall Rules Match

Firewall Rule Equivalence, Optimization and Parallelization 
November 1, 2014


This is an abstract for a paper I am writing to present at a security conference. In general terms, I present a way to perform firewall rule calculations in O(1), no matter the size of the rule set. However, the primary focus of this presentation is that I prove that this rule calculation output is equivalent to the expected output of an initial firewall rule set. This allows any type of IPv4 and IPv6 packet comparison, such as in routing tables, firewalls, IDS and access lists.


Translating firewall rulesets into timed Petri nets with Multi-Level Modeling, then proving that, for each r,

f(r) = f(r')


I will post more from my paper to my blog as my presentation gets closer.

Thank you for your interest.


.wdnii.
© 2014 Norris Proprietaries Inc.
