Firewall conformance testing

Lecture Notes in Computer Science

Volumn 3502, Issue , 2005, Pages 226-241

  Senn, Diana ^a   Basin, David ^a   Caronni, Germano ^a  

^a ETH ZURICH   (Switzerland)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER NETWORKS; ERROR CORRECTION; PROBLEM SOLVING; SECURITY OF DATA; TOPOLOGY; COMPUTER SYSTEM FIREWALLS; ELECTRIC NETWORK TOPOLOGY; MOBILE SECURITY; SECURITY SYSTEMS;

CONFORMANCE TESTING; FIREWALL PRODUCTS; NETWORK TOPOLOGY; SECURITY POLICY; DEPLOYED SYSTEMS; FIREWALL TESTING; PENETRATION TESTING; SECURITY REQUIREMENTS;

COMPUTER SYSTEM FIREWALLS; NETWORK SECURITY;

EID: 24944508565     PISSN: 03029743     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1007/11430230_16     Document Type: Conference Paper

References (16)

1. +01] J. Burns, A. Cheng, P. Gurung, S. Rajagopalan, P. Rao, D. Rosenbluth, A.V. Surendran, and D.M. Martin. Automatic management of network security policy. In Proceedings of DISCEX II, 2001.
2. [BMNW99] Yair Bartal, Alain J. Mayer, Kobbi Nissim, and Avishai Wool. Firmato: A novel firewall management toolkit. In IEEE Symposium on Security and Privacy, pages 17-31, 1999.
3. [BMNW03] Yair Bartal, Alain J. Mayer, Kobbi Nissim, and Avishai Wool. Firmato: A novel firewall management toolkit. Technical report, Dept. Electrical Engineering Systems, Tel Aviv University, Ramat Aviv 69978 Israel, February 2003.
4. [Cho78] Tsun S. Chow. Testing software design modeled by finite-state machines. In IEEE Transactions on Software Engineering, Vol. SE-4, No 3, pages 178-187, May 1978.
5. [FLYV93] V. Fuller, T. Li, J. Yu, and K. Varadhan. RFC 1519: Classless interdomain routing (CIDR): an address assignment and aggregation strategy. http://www.ietf.org/rfc/rfc1519.txt, September 1993.
6. [GG75] John B. Goodenough and Susan L. Gerhart. Toward a theory of test data selection. In IEEE Transactions on Software Engineering (TSE), Volume 1, Number 2, pages 156-173, June 1975.
7. [Gil61] A. Gill. State-identification experiments in finite automata. In Information and Control, vol. 4, pages 132-154, 1961.
8. [Gil62] A. Gill. Introduction to the Theory of Finite-state Machines. McGraw-Hill, 1962.
9. [Gut97] J. D. Guttman. Filtering postures: Local enforcement for global policies. In 1997 IEEE Symposium on Security and Privacy, pages 120-129, Oakland, CA, 1997. IEEE Computer Society Press.
10. [Hae97] Reto E. Haeni. Firewall penetration testing. Technical report, The George Washington University Cyberspace Policy Institute, 2033 K St, Suite 340N, Washington, DC, 20006, US, January 1997.
11. [JW01] Jan Jürjens and Guido Wimmel. Specification-based testing of firewalls. In Andrei Ershov, editor, 4th International Conference Perspectives of System Informatics (PSI'01), LNCS. Springer, 2001.
12. [MWZ00] Alain Mayer, Avishai Wool, and Elisha Ziskind. Fang: A firewall analysis engine. In Proceedings of the 2000 IEEE Symposium on Security and Privacy (S&P 2000), pages 177-187, May 2000.
13. +02] J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Sparks, M. Handley, and E. Schooler. RFC 3261 SIP: Session initiation protocol. http://www.ietf.org/rfc/rfc3261.txt, June 2002.
14. [Sch96] E. Schultz. How to perform effective firewall testing. In Computer Security Journal, vol. 12, no. 1, pages 47-54, 1996.
15. [SD88] Krishan Sabnani and Anton Dahbura. A protocol test generation procedure. In Computer Networks and ISDN Systems 15, pages 285-297, 1988.
16. [Woo01] A. Wool. Architecting the lumeta firewall analyzer. In Proceedings of the 10th USENIX Security Symposium, pages 85-97, August 2001.