A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Filters
Case Studies of SCADA Firewall Configurations and the Implications for Best Practices
2016
IEEE Transactions on Network and Service Management
Preserved Fulltext
Lack of automation tools to assist with this critical task has resulted in unoptimised, error prone configurations that expose these networks to cyber attacks. ...
But these best practices lack specification in several key aspects needed to allow a firewall to be automatically configured. ...
Morris Sloman and anonymous reviewers for their insightful feedback. ...
doi:10.1109/tnsm.2016.2597245
fatcat:thc3rjhdfjd6ria5mmtvrbjkpa
FIREMAN: a toolkit for firewall modeling and analysis
2006
2006 IEEE Symposium on Security and Privacy (S&P'06)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2007; you can also visit the original URL.
The file type is application/pdf.
We have experimented with FIREMAN and used it to uncover several real misconfigurations in enterprise networks, some of which have been subsequently confirmed and corrected by the administrators of these ...
Security concerns are becoming increasingly critical in networked systems. Firewalls provide important defense for network security. ...
First, a production network may consist of firewall products from different vendors, each with their own configuration languages and operation models. ...
doi:10.1109/sp.2006.16
dblp:conf/sp/YuanMSCCM06
fatcat:67wnfy3z5nbvtjnje5hwa4pit4
Taking the Edge off with Espresso
2017
Proceedings of the Conference of the ACM Special Interest Group on Data Communication - SIGCOMM '17
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Espresso has been in production for two years and serves over 22% of Google's total traffic to the Internet. ...
Overall, Espresso provides Google a scalable peering edge that is programmable, reliable, and integrated with global traffic systems. ...
ACKNOWLEDGMENT Many teams has contributed to the success of Espresso and it would be impossible to list everyone that has helped make the project successful. ...
doi:10.1145/3098822.3098854
dblp:conf/sigcomm/YapMRPHBHKNJLRR17
fatcat:gbbobair4raa3oycysvy6sw3si
VISCR: Intuitive Conflict-free Automation for Securing the Dynamic Consumer IoT Infrastructures
[article]
2019
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Using the two, VISCR can automatically detect rouge policies, conflicts, and bugs for coherent automation. ...
In terms of performance, VISCR can generate 400 abstraction trees (used in specifying policies) with 100K leaf nodes in <1.2sec. ...
Similar techniques have also been used for detecting bugs and vulnerabilities in network configurations [46, 47] . ...
arXiv:1907.13288v1
fatcat:7idm4hiehfavniohlv5ymrzw3u
Neural language models for network configuration: Opportunities and reality check
[article]
2022
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
Other Versions
By extension, NLP has potential for application to network configuration languages as well, for instance considering tasks such as network configuration verification, synthesis, and cross-vendor translation ...
and expected performance, and qualitatively assess whether similar techniques can benefit corresponding use-cases in networking. ...
ACL rule configuration updates. ...
arXiv:2205.01398v2
fatcat:wguzrmqf3zcm7mfjkpgso3ggoe
Identifying the Missing Aspects of the ANSI/ISA Best Practices for Security Policy
2015
Proceedings of the 1st ACM Workshop on Cyber-Physical System Security - CPSS '15
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
ANSI best practices lack specification in several key aspects needed to allow a firewall to be automatically configured. ...
Firewall configuration is a critical activity for the Supervisory Control and Data Acquisition (SCADA) networks that control power stations, water distribution, factory automation, etc. ...
It involves training in proprietary and device specific configuration languages and long and complex device configurations. ...
doi:10.1145/2732198.2732201
dblp:conf/ccs/RanathungaRKFN15
fatcat:zjsjz4s7ybao3aplc7nlebcmkq
Mobeet: A Multi-agent Framework for Ubiquitous Information Systems
[chapter]
2005
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2010; you can also visit the original URL.
The file type is application/pdf.
In recent years, the rapid development of network infrastructure and the spread of terminals capable of network access have made it possible to access networks at any place and at any time. ...
Ubiquitous information systems, in which necessary information can be accessed easily and safely at any place, are becoming an important issue. ...
The PA communicates with other agents by using the Agent Communication Language (ACL [4, 5] ). ...
doi:10.1007/11426714_2
fatcat:qyjxld3e4neklgjz473cqsyb4i
The Mathematical Foundations for Mapping Policies to Network Devices
2016
Proceedings of the 13th International Joint Conference on e-Business and Telecommunications
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We show the value of our proposed algebras in maintaining concise network-device configurations by applying them to real-world networks. ...
A common requirement in policy specification languages is the ability to map policies to the underlying network devices. ...
ACKNOWLEDGEMENTS This project was supported by an Australian Postgraduate Award, Australian Research Council Linkage Grant LP100200493 and CQR Consulting. ...
doi:10.5220/0005946201970206
dblp:conf/secrypt/RanathungaRKF16
fatcat:u2oejodsezg7th3lj3lrl3v7xy
A secure plan
2003
IEEE Transactions on Systems Man and Cybernetics Part C (Applications and Reviews)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2006; you can also visit the original URL.
The file type is application/pdf.
Security is obtained with a two-level architecture that combines a functionally restricted packet language, PLAN [2], with an environment of general-purpose service routines governed by trust management ...
The design and implementation of an active-network firewall and virtual private network is used as an application of the security architecture. ...
Moore, and T. Jim for helpful discussions concerning this work, and the anonymous referees for providing useful feedback. We would also like to thank T. ...
doi:10.1109/tsmcc.2003.817347
fatcat:7r5fd3b72zdytajaprysju47cm
A Secure Plan
[chapter]
1999
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2006; you can also visit the original URL.
The file type is application/pdf.
Security is obtained with a two-level architecture that combines a functionally restricted packet language, PLAN [2], with an environment of general-purpose service routines governed by trust management ...
The design and implementation of an active-network firewall and virtual private network is used as an application of the security architecture. ...
Moore, and T. Jim for helpful discussions concerning this work, and the anonymous referees for providing useful feedback. We would also like to thank T. ...
doi:10.1007/978-3-540-48507-0_28
fatcat:yhwmyta2bzetzgqz5v5ve25q2y
Agents for the masses
1999
IEEE Intelligent Systems and their Applications
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2005; you can also visit the original URL.
The file type is application/pdf.
Significantly, the current trapped state of our agents has less to do with lack of mobility mechanisms than with their unpreparedness to work fully in the open world of cyberspace and to interoperate outside ...
Advances in the difficult theoretical issues of dynamic agent communication, coordination, and control are beginning to let us better understand how to deploy large numbers of agents with confidence. ...
Finally, with explicit policies governing different types of agent behavior, we can begin to understand and predict how policies would compose with one another, and how we might automatically generate ...
doi:10.1109/5254.757632
fatcat:cxox4xlaqnewnmdkvee4isaylq
Smart Contracts for Distributed Databases
2020
Zenodo
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
In order to realize communication between Smart Contracts and distributed databases, in an accessible way, the Smart Contract Application Language for Databases (SCALD) is designed. ...
The basic concept of ETHVAM and SCALD is demonstrated with simple application examples in this work. Furthermore, the security of this system is evaluated and possible vulnerabilities are identified. ...
The entry is only readable by the author and the validator who will approve the entry. The ACLs allow only the client to update the entry in a ten days period beginning with the entry's creation. ...
doi:10.5281/zenodo.3753306
fatcat:w5ont556i5gvjaikfi2t5wf5zu
Role of Device Identification and Manufacturer Usage Description in IoT security: A Survey
2021
IEEE Access
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
The prime aim of this work is to examine the MUD benefits in IoT security along with the weaknesses and challenges while implementing this standard along with future directions. ...
This paper initially identifies and classifies the potential vulnerabilities in IoT devices. ...
ACKNOWLEDGMENT The authors of this research would like to thank the anonymous reviewers for the valuable comments and constructive suggestions, and their insights to improve the quality of the manuscript ...
doi:10.1109/access.2021.3065123
fatcat:5gofmkoawbccvhum5zuo3i7vya
The Mathematical Foundations for Mapping Policies to Network Devices (Technical Report)
[article]
2016
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
We show the value of our proposed algebras in maintaining concise network-device configurations by applying them to real-world networks. ...
A common requirement in policy specification languages is the ability to map policies to the underlying network devices. ...
., assigned) ACL rules in each case study by parsing the firewall configurations as per (Ranathunga et al., 2015b) . ...
arXiv:1605.09115v1
fatcat:lpub3kg5mfcltnnuqebny6lise
Computer-Aided Software Engineering in a distributed workstation environment
1984
SIGPLAN notices
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2012; you can also visit the original URL.
The file type is application/pdf.
Acknowledgement s In addition to the authors, DSEE project members Gordon McLean, Howard Spilke, John Yates, and Pat Bergeron contributed to this paper. ...
The intent of this paper is to describe DSEE and contrast it with other systems in terms of g Alg and functionality. ...
Network gateways are available for communication with other vendors' networks, and the store and forward message passing utility can be used in conjunction with gateways to support Inter-network tasks ...
doi:10.1145/390011.808255
fatcat:evqcltw3rfflxc6mdewyeeqihe
« Previous
Showing results 1 — 15 out of 568 results