Abstract
In a typical local area network (LAN), the global security policies, often defined in abstract form, are implemented through a set of access control rules (ACL) placed in a distributed fashion to the access switches of its sub-networks. Proper enforcement of the global security policies of the network demands well-defined policy specification as a whole as well as correct implementation of the policies in various interfaces. But, ensuring correctness of the implementation manually is hard due to the complex security policies and presence of hidden access paths in the network. This paper presents a formal verification framework to verify the security implementations in a LAN with respect to a defined security policy. The proposed framework stems from formal models of network security policy specifications, device-specific security implementations, and deploys verification supported by SAT based procedures. The novelty of the work lies in the analysis of the hidden access paths, which plays a significant role in correct security implementations.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
