Firewall Optimization using Cross-Domain Privacy-Preserving

Authors(1) :-S. Kiran Kumar

Firewalls are wide deployed on the internet for securing personal networks. A firewall checks every incoming or outgoing packet to make a decision whether or not to accept or discard the packet supported its policy. Optimizing firewall policies is crucial for rising network performance. previous work on firewall improvement focuses on either intrafirewall or interfirewall improvement inside one body domain wherever the privacy of firewall policies isn't a priority. In existing, formally specifies the resource sharing mechanism between 2 totally different tenants within the presence of our projected cloud resource mediation service. The correctness of permission activation and delegation mechanism among totally different tenants using four distinct algorithms (Activation, Delegation,Forward Revocation and Backward Revocation) is additionally incontestable exploitation formal verification. we propose the primary cross-domain privacy-preserving cooperative firewall policy improvement protocol. Specifically, for any 2 adjacent firewalls happiness to 2 totally different body domains, our protocol will determine in every firewall the foundations which will be removed because of the opposite firewall. The optimization method involves cooperative computation between the 2 firewalls with none party revealing its policy to the opposite. we enforced our protocol and conducted in depth experiments. The results on real firewall policies show that our protocol will take away as several as forty ninth of the foundations in a very firewall, whereas the typical is nineteen.4%. The communication value is a smaller amount than many hundred kilobytes. Our protocol incurs no further on-line packet process overhead, and the offline interval is a smaller amount than many hundred seconds.

Authors and Affiliations

S. Kiran Kumar
MCA Sri Padmavathi College of Computer Sciences And Technology Tiruchanoor, Andhra Pradesh, India

Optimizing firewall, cross-domain privacy-preserving

  1. J. Cheng, H. Yang, S. H. Wong, and S. Lu, "Design and implementation of cross-domain cooperative firewall," in Proc. IEEE ICNP, 2007, pp. 284–293.
  2. Q. Dong, S. Banerjee, J. Wang, D. Agrawal, and A. Shukla, "Packet classifiers in ternary CAMs can be smaller," in Proc. ACM SIGMETRICS, 2006, pp. 311–322.
  3. O. Goldreich, "Secure multi-party computations," Working draft, Ver. 1.4, 2002.
  4. O. Goldreich, Foundations of Cryptography: Volume II (Basic Applications). Cambridge, U.K.: Cambridge Univ. Press, 2004.
  5. M. G. Gouda and A. X. Liu, "Firewall design: Consistency, completeness and compactness," in Proc. IEEE ICDCS, 2004, pp. 320–327.
  6. M. G. Gouda and A. X. Liu, "Structured firewall design," Comput. Netw., vol. 51, no. 4, pp. 1106–1120, 2007.
  7. P. Gupta, "Algorithms for routing lookups and packet classification," Ph.D. dissertation, Stanford Univ., Stanford, CA, 2000.
  8. A. X. Liu and F. Chen, "Collaborative enforcement of firewall policies in virtual private networks," in Proc. ACM PODC, 2008, pp. 95–104.
  9. A. X. Liu and M. G. Gouda, "Diverse firewall design," IEEE Trans. Parallel Distrib. Syst., vol. 19, no. 8, pp. 1237–1251, Sep. 2008.
  10. A. X. Liu and M. G. Gouda, "Complete redundancy removal for packet classifiers in TCAMs," IEEE Trans. Parallel Distrib. Syst., vol. 21, no. 4, pp. 424–437, Apr. 2010.
  11. A. X. Liu, C. R. Meiners, and E. Torng, "TCAM Razor: A systematic approach towards minimizing packet classifiers in TCAMs," IEEE/ACM Trans. Netw., vol. 18, no. 2, pp. 490–500, Apr. 2010.
  12. A. X. Liu, C. R. Meiners, and Y. Zhou, "All-match based complete redundancy removal for packet classifiers in TCAMs," in Proc. IEEE INFOCOM, 2008, pp. 574–582.
  13. Lin, Y., Malik, S.U., Bilal, K., Yang, Q., Wang, Y. and Khan, S.U., 2016. Designing and Modeling of Covert Channels in Operating Systems. IEEE Transactions on Computers, 65(6), pp.1706-1719.
  14. Liu, J. K., Au, M. H., Huang, X., Lu, R., and Li, J., 2016. Fine-Grained Two-Factor Access Control for Web-Based Cloud Computing Services. IEEE Transactions on Information Forensics and Security, 11(3), (pp. 484-497).
  15. Liu, X., Deng, R. H., Choo, K.-K. R. and Weng, J., 2016. An Efficient Privacy-Preserving Outsourced Calculation Toolkit With Multiple Keys. IEEE Transactions on Information Forensics and Security, 11(11), pp. 2401-2414.
  16. Ma, K., Zhang, W. and Tang, Z., 2014. Toward Fine-grained Data-level Access Control Model for Multi-tenant Applications. International Journal of Grid and Distributed Computing, 7(2), pp.79-88.
  17. Murata, T., 1989. Petri nets: Properties, analysis and applications. Proceedings of the IEEE, 77(4), pp.541-580.
  18. Sayler, A., Keller, E. and Grunwald, D., 2013. Jobber: Automating inter-tenant trust in the cloud. In Presented as part of the 5th USENIX Workshop on Hot Topics in Cloud Computing.
  19. C. R. Meiners, A. X. Liu, and E. Torng, "TCAM Razor: A systematic approach towards minimizing packet classifiers in TCAMs," in Proc. IEEE ICNP, 2007, pp. 266–275.
  20. C. R. Meiners, A. X. Liu, and E. Torng, "Bit weaving: A non-prefix approach to compressing packet classifiers in TCAMs," in Proc. IEEE ICNP, 2009, pp. 93–102.

Publication Details

Published in : Volume 3 | Issue 4 | March-April 2018
Date of Publication : 2018-04-30
License:  This work is licensed under a Creative Commons Attribution 4.0 International License.
Page(s) : 455-458
Manuscript Number : CSEIT1833414
Publisher : Technoscience Academy

ISSN : 2456-3307

Cite This Article :

S. Kiran Kumar, "Firewall Optimization using Cross-Domain Privacy-Preserving", International Journal of Scientific Research in Computer Science, Engineering and Information Technology (IJSRCSEIT), ISSN : 2456-3307, Volume 3, Issue 4, pp.455-458, March-April-2018. |          | BibTeX | RIS | CSV

Article Preview