Provably Secure Networks: Methodology and Toolset for Configuration Management [article]

Cornelius Diekmann
2017 arXiv   pre-print
Network administration is an inherently complex task, in particular with regard to security. Using the Isabelle interactive proof assistant, we develop two automated, formally verified tools which help uncovering and preventing bugs in network-level access control configurations. Our first tool guides the process of designing networks from scratch. Our second tool facilitates the analysis of existing iptables configurations. Combined, the two form a powerful toolset.
arXiv:1708.08228v1 fatcat:ljgwja2k6jgunl5g45jnptqx5m