Title: Survey on the Use of Formal Languages/Models for the Specification, Verification, and Enforcement of Network Access-lists
Authors: Adel El-Atawy
Abstract: The complexity of access-lists and the diversity of their specifications are continuously increasing. Stating the high-level requirements and verifying the implemented policies have become impossible tasks if human intervention is required. Also, proving the soundness of these inter-related and confusing policies is very hard without an appropriate framework. Therefore, a formal and canonical specification for security access-lists is highly needed in order to specify requirements, verify correctness, and enforce the policy.

In this paper, we present some of the work available in the literature that discusses these problems and proposes solutions for automated network security policy management.
Keywords: Security Policy, Formal Models, Access Control, Access List