The week's pick
Random Articles
Reseach Article
A Novel Technique for Effective Optimization of Cross Domain Network Protocol for Redundancy Removal in Firewall Policies
| International Journal of Computer Applications |
| Foundation of Computer Science (FCS), NY, USA |
| Volume 122 - Number 22 |
| Year of Publication: 2015 |
| Authors: Madhura M.unde, Simran Khiani |
10.5120/21857-5178
|
Madhura M.unde, Simran Khiani . A Novel Technique for Effective Optimization of Cross Domain Network Protocol for Redundancy Removal in Firewall Policies. International Journal of Computer Applications. 122, 22 ( July 2015), 16-21. DOI=10.5120/21857-5178
Abstract
In today's rapidly progressing professional world, internet is being used as a medium for almost every operation. Firewalls are extensively implemented to prevent unauthorized access to concealed networks and secure them. Based upon the applied policies a firewall can approve or decline the data packet by scrutinizing them. The large size and intricacy of modern networks result in big and complex firewall policies. Optimizing these policies is crucial for network performance inflation. Existing system facilitates inter-firewall or intra-firewall optimization within similar sets of administrative domains. They try to achieve optimization but at the cost of decreased network performance. In this paper, a protocol to increase the network performance while the cross domain firewall rules are optimized is explained. Rule optimization is achieved by redundant rule removal between the two firewalls. For boosting the performance and security, the data sent over the network will be encrypted and decrypted over a session key. Two types of rules i. e. network and user rules are supported. User can configure his own rules as per the required configuration in appropriate domain. Network rules will be common for both the domains and can be updated by the network administrator. The key technical experimentation is that firewall policies cannot be involved within similar domain areas because a firewall strategy contains exhaustive information and even potential security holes.
References
- James F. Kurose and Keith W. Ross, "Computer Networking: A Top-Down Approach", Addison-Wesley Publication,6th Edition, pp. 641, Copyright 1996-2000
- El- Sayed M and El- Alfy, "A Heuristic Approach for Firewall policy optimization", ICACT Conference: Advanced Communication Technology, vol. 3, pp. 1782-1787, FEB 2007.
- Tihomir Katic and Predrag Pale, "Optimization of Firewall Rules", Information Technology Interfaces, 29th International Conference, pp. 685-690, June 2007
- Fei Chen, Bezawada Bruhadeshwar, and Alex X. Liu, "Cross-Domain Privacy – Preserving Cooperative Firewall Optimization", IEEE/ACM transactions on Networking, vol. 21, Issue no. 3, pp. 857-868, June 2013.
- A. X. Liu and M. G. Gouda, "Complete redundancy removal for packet classifiers in TCAMs", IEEE Transactions on Parallel and Distributed Systems, vol. 21, no. 4, pp. 424–437, April 2010.
- J. Cheng, H. Yang, S. H. Wong, and S. Lu, "Design and implementation of Cross-domain cooperative firewall", IEEE International Conference on Network Protocols, pp. 284– 293, Oct. 2007
- J. Brickell and V. Shmatikov, "Privacy-Preserving Graph Algorithms in the Semi-honest Model", Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security, pp. 236-252, 2005
- E. Al – Shaer and H. Hamed, "Discovery of policy anomalies in Distributed firewalls", Twenty-third Annual Joint Conference of the IEEE Computer and Communications Societies, vol. 4, pp. 2605–2616, 2004
- A. X. Liu, C. R. Meiners, and Y. Zhou, "All- match based complete redundancy removal for packet classifiers in TCAMs", The 27th Conference on Computer Communications. IEEE, pp. 574–582, 2008
Index Terms
Keywords