To search, Click below search items.


All Published Papers Search Service


Safe and Correctness Strategies for Updating Firewall Policies


A. Kartit, A. Radi, M. El Marraki, B. Regragui


Vol. 11  No. 3  pp. 15-20


Policy deployment is the process by which policy editing commands are issued on firewall, so that the target policy becomes the running policy. Due to the sensitive nature of information transmitted during a policy deployment, the communication between management tool and firewall should be confidential [1]. Much research has already addressed to the specification of policies, conflict detection and optimization, but very little research is devoted to the security and correctness of firewall policy deployment. In this paper, we make some contributions to the correctness of Firewall Policy Deployment and propose an effective solution that will allow us to secure the deployment process of a political target. We show that the category of type I policy editing [2] is incorrect and could lead to security vulnerabilities. We then provide a correct algorithm for Type I Deployment. Our algorithm can be used even for the deployment of policies whose size is very large.


Target Policy Deployment (TPD), Firewall Policy Management (FPM), Securing Exchanges (SE), Security of Policy Deployment (SPD)