ISSN 1818.4952
IDOSI Publications, 2009
INTRODUCTION
Corresponding Author: Mohsen Rezvani, Department of Information Technology and Computer Engineering,
Shahrood University of Technology, Shahrood, Iran
World Appl. Sci. J., 7 (Special Issue of Computer & IT): 188-198, 2009
RELATED WORK
Based on the above requirements, we propose a method for security policy specification in firewalls. A language based on Deontic logic is the core of our method. The language supports separation of the security policy from the network topology as well as automatic generation of rules for existing firewalls.
Syntax of the language: The syntax of our proposed security policy specification language covers two parts:

R is a finite set of roles.
Op is a set of relations on roles. For example, inheritance is a relation. If role x inherits from role y, then all hosts playing role x also play role y.
S is a finite set of services in the network.
T is a finite set of time periods.
(Fragments of equations involving $F$, $C_i$, $I_0^F$ and $I_0^C$ for $1 \le i \le n$ spilled into this column and are not recoverable.)
P is a finite set of primitive propositions. The propositions specify connections: each proposition introduces a set of connections between two roles. For example, a proposition can relate x and y with service s and time period t, where x and y are roles, s is a service and t is a time period. This proposition represents all connections from role x to role y with service s at time period t. The operator between x and y specifies the direction of the connections; two other operators are provided for this concept.
A is a sequence of security propositions; each proposition is a Deontic logic formula. The propositions are the main part of security policy specifications.

Semantics of the language: As the security policy in firewalls is specified at the lowest level, based on connections, the semantics of the language can use only the first level of the state transition machine. To represent the semantics, we first define the matching function, then define how to apply the security policy in a single state, and finally define applying the security policy by a state transition machine.

Assume that the set of truth values is B = {Accept, Reject, NoMatch}. A function maps each primitive proposition to the set of its matching connections. The matching function returns the result of matching a connection with a security proposition. Matching a connection c with a security proposition is denoted as a function of c and the proposition, and is defined by the following cases:
(Cases 1 to 9 of the matching function definition are not recoverable from this copy. Of equations (1) and (2), the surviving terms are the field conditions $C_{X_1}, C_{X_2}, \dots, C_{X_n}$ and an action $A$.)
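The syntax and semantics above can be exercised in a few dozen lines. The following is an added example, not the paper's code (which targets BDDs and a state transition machine): it models roles with the inheritance relation, the three direction operators, the truth values Accept, Reject and NoMatch, and applies the proposition sequence in a single state by taking the first proposition whose match is not NoMatch. The role names, hosts, service names, time-period labels, the first-match rule (the paper's case list for the matching function is missing here) and the reduction of the Deontic modality to permit/forbid are all constructed assumptions.

```python
"""Toy model of the policy language described above.

Added example, not code from the paper. Assumptions the paper does not
fix: roles are named sets of hosts; "x inherits from y" makes every host
of x also a member of y; a proposition's Deontic modality is reduced to
permit / forbid, mapped to Accept / Reject; a connection is a
(src_host, dst_host, service, time_period) tuple; the policy is applied
by taking the first proposition whose match is not NoMatch.
"""
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, Iterable, List, Set, Tuple

Connection = Tuple[str, str, str, str]  # (src host, dst host, service, time period)

ACCEPT, REJECT, NOMATCH = "Accept", "Reject", "NoMatch"  # the truth-value set B


@dataclass
class Roles:
    """R (roles as host sets) and Op restricted to the inheritance relation."""
    hosts: Dict[str, Set[str]] = field(default_factory=dict)
    children: Dict[str, Set[str]] = field(default_factory=dict)

    def add(self, role: str, *members: str) -> None:
        self.hosts.setdefault(role, set()).update(members)

    def inherits(self, child: str, parent: str) -> None:
        """Hosts playing `child` also play `parent`."""
        self.children.setdefault(parent, set()).add(child)

    def members(self, role: str) -> FrozenSet[str]:
        """Own hosts plus the hosts of every role that (transitively) inherits from it."""
        out, todo, seen = set(), [role], set()
        while todo:
            r = todo.pop()
            if r in seen:
                continue
            seen.add(r)
            out |= self.hosts.get(r, set())
            todo.extend(self.children.get(r, ()))
        return frozenset(out)


@dataclass(frozen=True)
class Proposition:
    """A primitive proposition between roles src and dst with service and
    time period, plus the Deontic modality attached to it."""
    src: str
    dst: str
    service: str
    period: str
    direction: str = "->"      # "->", "<-" or "<->" (assumed spellings)
    modality: str = "permit"   # "permit" or "forbid" (assumed reduction)

    def connections(self, roles: Roles) -> FrozenSet[Connection]:
        """The set of connections the proposition denotes."""
        fwd = {(a, b, self.service, self.period)
               for a in roles.members(self.src) for b in roles.members(self.dst)}
        rev = {(b, a, s, t) for (a, b, s, t) in fwd}
        return frozenset({"->": fwd, "<-": rev, "<->": fwd | rev}[self.direction])


def match(c: Connection, p: Proposition, roles: Roles) -> str:
    """Matching function: one connection against one proposition."""
    if c not in p.connections(roles):
        return NOMATCH
    return ACCEPT if p.modality == "permit" else REJECT


def apply_policy(c: Connection, policy: Iterable[Proposition], roles: Roles) -> str:
    """Apply the policy in a single state: the first proposition that matches decides."""
    for p in policy:
        verdict = match(c, p, roles)
        if verdict != NOMATCH:
            return verdict
    return NOMATCH


# Constructed sample network and policy (not from the paper).
ROLES = Roles()
ROLES.add("dmz_web", "10.0.1.10", "10.0.1.11")
ROLES.add("internal", "10.0.2.5")
ROLES.add("admin", "10.0.2.99")
ROLES.inherits("admin", "internal")  # admin hosts also play the internal role

POLICY: List[Proposition] = [
    Proposition("admin", "dmz_web", "ssh", "always", "->", "permit"),
    Proposition("internal", "dmz_web", "ssh", "always", "->", "forbid"),
    Proposition("internal", "dmz_web", "http", "business_hours", "->", "permit"),
]


def decide(src: str, dst: str, service: str, period: str) -> str:
    return apply_policy((src, dst, service, period), POLICY, ROLES)


if __name__ == "__main__":
    for c in [("10.0.2.99", "10.0.1.10", "ssh", "always"),
              ("10.0.2.5", "10.0.1.10", "ssh", "always"),
              ("10.0.2.99", "10.0.1.11", "http", "business_hours"),
              ("10.0.2.5", "10.0.1.10", "http", "night")]:
        print(c, "->", decide(*c))
```

Note that the admin host is permitted ssh only because its permitting proposition precedes the forbidding one for the internal role, which it also plays through inheritance; swapping the first two propositions changes the verdict. That order dependence is exactly what the anomaly analysis in the following sections checks for.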
(Figure: states $s_0$ to $s_{31}$; the diagram is not recoverable from this copy.)
Each proposition is translated to a condition/action pair, $P_i : C_i \to A_i$, where $C_i$ is the set of connections matched by $P_i$ and $A_i$ is its action. For two propositions $P_1, P_2 \in SP$, with $P_1$ of higher priority, the simple anomalies are:

Shadow anomaly:
$P_1, P_2 \in SP \;\wedge\; (A_1 \neq A_2) \;\wedge\; (C_2 \subseteq C_1)$   (3)

Generalization anomaly:
$P_1, P_2 \in SP \;\wedge\; (A_1 \neq A_2) \;\wedge\; (C_1 \subset C_2)$   (4)

Correlation anomaly:
$P_1, P_2 \in SP \;\wedge\; (A_1 \neq A_2) \;\wedge\; \neg(C_1 \subseteq C_2) \;\wedge\; \neg(C_2 \subseteq C_1) \;\wedge\; (C_1 \cap C_2 \neq \emptyset)$   (5)

Redundancy anomaly:
$P_1, P_2 \in SP \;\wedge\; (A_1 = A_2) \;\wedge\; (C_2 \subseteq C_1)$   (6)

The total anomalies consider $P_1, P_2, \dots, P_k, P_n \in SP$, where $P_1, \dots, P_k$ all precede $P_n$ and share one action:

Total shadow anomaly:
$(A_n \neq A_1) \wedge (A_1 = A_2) \wedge \dots \wedge (A_{k-1} = A_k) \wedge C_n \subseteq (C_1 \cup C_2 \cup \dots \cup C_k)$   (7)

Total generalization anomaly:
$(A_n \neq A_1) \wedge (A_1 = A_2) \wedge \dots \wedge (A_{k-1} = A_k) \wedge (C_1 \cup C_2 \cup \dots \cup C_k) \subseteq C_n$   (8)

Total redundancy anomaly:
$(A_n = A_1) \wedge (A_1 = A_2) \wedge \dots \wedge (A_{k-1} = A_k) \wedge C_n \subseteq (C_1 \cup C_2 \cup \dots \cup C_k)$   (9)
(Figure: decision procedure for a binary proposition pair $P_1, P_2 \in SP$ of a security policy, with $P_1$ of higher priority; the diagram is not recoverable, branches as labelled:)
  $A_1 \neq A_2$ and $C_2 \subseteq C_1$: Shadow anomaly
  $A_1 \neq A_2$ and $C_1 \subset C_2$: Generalization anomaly
  $A_1 \neq A_2$, $C_1 \not\subseteq C_2$, $C_2 \not\subseteq C_1$ and $C_1 \cap C_2 \neq \emptyset$: Correlation anomaly
  $A_1 = A_2$ and $C_2 \subseteq C_1$: Redundant anomaly
  otherwise: no anomaly
ResolveSimpleAnomaly (SP)
  for each Pj in SP
    Pj translated to Cj, Aj
    for each Pi in SP except Pj
      Pi translated to Ci, Ai
      if orderi > orderj then            -- P1 is the higher-priority proposition
        C1 = Ci, C2 = Cj, A1 = Ai, A2 = Aj
      else
        C1 = Cj, C2 = Ci, A1 = Aj, A2 = Ai
      if not BDD_Satisfy (A1 <-> A2) then  -- actions differ
        if BDD_Satisfy (C2 -> C1) then     -- C2 is contained in C1: P2 is shadowed
          Remove (P2), Return
      if BDD_Satisfy (A1 <-> A2) then      -- same action
        if BDD_Satisfy (C2 -> C1) then     -- C2 is contained in C1: P2 is redundant
          Remove (P2), Return
end ResolveSimpleAnomaly
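The anomaly definitions (3) to (9), the decision procedure of the figure and the ResolveSimpleAnomaly loop, implemented over plain Python sets as an added example (not the paper's code, which performs these tests as BDD satisfiability checks). Assumptions the paper does not fix: a condition is a finite set of constructed (src, dst, service) tuples; P1 has higher priority than P2; for the total anomalies P1..Pk precede Pn; the sample policy is constructed. Generalization and correlation are only reported, because the pseudocode above removes only shadowed and redundant propositions.

```python
"""Anomaly discovery over condition/action pairs.

Added example, not the paper's code. The paper translates every
proposition P_i into a condition C_i (a BDD over packet fields) and an
action A_i; here a condition is a plain frozenset of constructed
(src, dst, service) tuples, so subset, proper-subset and intersection
tests are ordinary set operations. P1 is assumed to have higher priority
than P2 (it is consulted first), and for the total anomalies P1..Pk are
assumed to precede Pn.
"""
from itertools import combinations
from typing import FrozenSet, List, Sequence, Tuple

Condition = FrozenSet[Tuple[str, str, str]]   # constructed: (src host, dst host, service)
Rule = Tuple[Condition, str]                   # (C_i, A_i)


def classify_pair(c1: Condition, a1: str, c2: Condition, a2: str) -> str:
    """Decision procedure for P1 = (c1, a1) preceding P2 = (c2, a2); eqs (3)-(6)."""
    if a1 != a2:
        if c2 <= c1:
            return "shadow"           # (3): P2 can never match, P1 decides first
        if c1 < c2:
            return "generalization"   # (4): P1 is an exception to the broader P2
        if c1 & c2:
            return "correlation"      # (5): overlap, neither contains the other
        return "none"
    if c2 <= c1:
        return "redundancy"           # (6): same action, P2 adds nothing
    return "none"


def classify_total(preceding: Sequence[Rule], cn: Condition, an: str) -> str:
    """Eqs (7)-(9): Pn against the union of P1..Pk, which must share one action."""
    actions = {a for _, a in preceding}
    if len(actions) != 1:
        return "none"
    a1 = actions.pop()
    union: Condition = frozenset().union(*(c for c, _ in preceding))
    if an != a1 and cn <= union:
        return "total_shadow"           # (7)
    if an != a1 and union <= cn:
        return "total_generalization"   # (8)
    if an == a1 and cn <= union:
        return "total_redundancy"       # (9)
    return "none"


def pairwise_report(policy: Sequence[Rule]) -> List[Tuple[int, int, str]]:
    """Every anomalous pair (i, j, kind) with i preceding j."""
    out = []
    for i, j in combinations(range(len(policy)), 2):
        (c1, a1), (c2, a2) = policy[i], policy[j]
        kind = classify_pair(c1, a1, c2, a2)
        if kind != "none":
            out.append((i, j, kind))
    return out


def resolve_simple_anomalies(policy: Sequence[Rule]) -> List[Rule]:
    """ResolveSimpleAnomaly: drop the lower-priority proposition of every
    shadowed or redundant pair, restarting after each removal as the
    pseudocode's Return does. Generalization and correlation are left in
    place; they may be intended and need a human decision."""
    rules = list(policy)
    removed = True
    while removed:
        removed = False
        for i, j in combinations(range(len(rules)), 2):
            (c1, a1), (c2, a2) = rules[i], rules[j]
            if classify_pair(c1, a1, c2, a2) in ("shadow", "redundancy"):
                del rules[j]
                removed = True
                break
    return rules


def conns(srcs: Sequence[str], dsts: Sequence[str], services: Sequence[str]) -> Condition:
    """Constructed condition: all (src, dst, service) combinations."""
    return frozenset((s, d, v) for s in srcs for d in dsts for v in services)


# Constructed sample policy (highest priority first), not from the paper.
LAN = ["10.0.2.5", "10.0.2.99"]
WEB = ["10.0.1.10", "10.0.1.11"]
SAMPLE_POLICY: List[Rule] = [
    (conns(["10.0.2.99"], WEB, ["ssh"]), "Accept"),                # P1: admin may ssh
    (conns(LAN, WEB, ["ssh"]), "Reject"),                          # P2: generalizes P1
    (conns(["10.0.2.5"], WEB, ["ssh"]), "Reject"),                 # P3: redundant to P2
    (conns(LAN, ["10.0.1.10"], ["http"]), "Accept"),               # P4
    (conns(["10.0.2.5"], WEB, ["http", "https"]), "Reject"),       # P5: correlates with P4
    (conns(["10.0.2.99"], ["10.0.1.10"], ["ssh"]), "Reject"),      # P6: shadowed by P1
]

if __name__ == "__main__":
    for i, j, kind in pairwise_report(SAMPLE_POLICY):
        print(f"P{i + 1} / P{j + 1}: {kind}")
    print(len(resolve_simple_anomalies(SAMPLE_POLICY)), "propositions remain")
```

With BDDs instead of sets, the containment test C2 ⊆ C1 is the unsatisfiability of C2 ∧ ¬C1, and equality of actions is the validity of A1 ↔ A2; that is what the BDD_Satisfy calls in the pseudocode stand for. The total case matters because a proposition can be fully covered by the union of several earlier ones while no single earlier proposition covers it, so the pairwise check reports only generalizations and misses the shadow.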
Table 1: Processing time (milliseconds) for simple and total anomaly discovery

                          Simple anomaly                                     Total anomaly
Propos. No.   Shadow  Correlation  Generalization  Redundancy     Shadow  Generalization  Redundancy
     101          15           15              15          15         16              16          16
     201          15           15              15          15         16              16          16
     501          15           16              16          16         16              16          16
    1001          16           16              16          16         16              15          15
    2001          31           32              31          31         31              32          31
    5001          78           96              94          78         78              78          78
   10001         187          172             184         172        157             156         135
   20001         453          454             438         422        359             312         375
   50001        1078         1125            1109        1312       1047            1063        1000
  100001        2562         2250            2156        2313       2078            2000        2453
(Figure: processing time in milliseconds of simple anomaly discovery, series Simple Shadow, Simple Correlation, Simple Generalization and Simple Redundancy, plotted against the number of propositions from 0 to 120000; plot not recoverable.)

(Figure: processing time in milliseconds of total anomaly discovery, series Total Shadow, Total Generalization and Total Redundancy, plotted against the number of propositions from 0 to 120000; plot not recoverable.)