The Center for Education and Research in Information Assurance and Security (CERIAS)

Modeling Firewalls Using Hierarchical Colored Petri Nets

Author

Christoph Schuba and Eugene H. Spafford

Tech report number

CERIAS TR 2001-98

Entry type

conference

Abstract

This paper concentrates on one technological aspect of providing communications security, firewall technology. It introduces a formalism called Hierarchical Colored Petri Nets (HCPN) in tutorial style. The main contribution of the paper is a description of how to model firewall systems using Hierarchical Colored Petri Nets. A byproduct of this approach is a novel way of modeling audit streams in distributed systems. HCPNs are well suited for modeling concurrent, distributed systems in which regulated flows of information are significant, such as firewall systems which enforce access control policies on network packets. The paper introduces the basics of this modeling technique. It demonstrates with several examples how firewalls can be modeled. It outlines how simulations of such models can facilitate testing, performance analysis, and interactive design exploration. Finally, the approach can serve as the basis for formal analysis techniques available through Applied Petri Net Theory.

Date

1999 – 10

Key alpha

Spafford

Note

NATO Symposium on Protecting Information Systems in the 21st Century, October 1999

Publication Date

2001-10-01
