Skip to Main content Skip to Navigation
Journal articles

Mining a high level access control policy in a network with multiple firewalls

Abstract : A policy mining approach that aims to automatically extract a high level of abstraction policy from the rules configured on a firewall has been recently proposed. This technique is likely to considerably facilitate firewall management. However, protecting the information system of a business organization usually requires the enforcement of more than one firewall. In this paper, we augment the policy mining approach by an additional processing for a network access control policy mining. We develop the problem of integration of Net-RBAC policies resulting from policy mining over several firewalls in order to mine a high level network policy. Moreover, we show how to verify security properties related to the deployment consistency over the firewalls. We illustrate the network policy mining approach by a realistic example, and we experimentally evaluate the performance of our merger algorithms.
Document type :
Journal articles
Complete list of metadata
Contributor : Bibliothèque Télécom Bretagne <>
Submitted on : Thursday, October 1, 2015 - 11:55:24 AM
Last modification on : Tuesday, April 20, 2021 - 10:32:06 AM


  • HAL Id : hal-01207768, version 1


Safaa Hachana, Nora Cuppens-Bouhlahia, Frédéric Cuppens. Mining a high level access control policy in a network with multiple firewalls. Journal of information security and applications, Elsevier, 2015, 20, pp.61 - 73. ⟨hal-01207768⟩



Record views