VERIFICATION OF FILTERING RULES OF SECURITY POLICY BY MODEL CHECKING
I. V. Kotenko
St. Petersburg Institute for Informatics and Automation of Russian Academy of Sciences, Laboratory of Computer Security Problems ; Professor
Abstract. An approach to verification of filtering rules for detection and resolution of filtering anomalies in computer network security policy is proposed. The approach is based on model checking method. The models of computer system, firewall, and filtering anomalies, which are used for verification of filtering rules by proposed method, along with algorithms of filtering anomaly detection are considered. Based on those models, methodic for verification of filtering rules of security policies is proposed.
Keywords: security policy, filtering rules, verification, model checking.