Model-Based Firewall Conformance Testing
نویسندگان
چکیده
Firewalls are a cornerstone of todays security infrastructure for networks. Their configuration, implementing a firewall policy, is inherently complex, hard to understand, and difficult to validate. We present a substantial case study performed with the model-based testing tool HOL-TestGen. Based on a formal model of firewalls and their policies in higher-order logic (HOL), we first present a derived theory for simplifying policies. We discuss different test plans for test specifications. Finally, we show how to integrate these issues to a domain-specific firewall testing tool HOL-TestGen/fw.
منابع مشابه
Formal firewall conformance testing: an application of test and proof techniques
fo r yo ur pe rs on al us e. N ot fo r re di st rib ut io n. Th e de fin iti ve ve rs io n w as pu bl is he d in So ftw ar e Te st in g, Ve ri fic at io n & Re lia bi lit y (S TV R) ,p p. 1– 40 ,2 01 4. SOFTWARE TESTING, VERIFICATION AND RELIABILITY Softw. Test. Verif. Reliab. 2014; 00:1–40 Published online in Wiley InterScience (www.interscience.wiley.com). DOI: 10.1002/stvr Formal Firewall Co...
متن کاملAn Environment for Specification-Based Firewall Conformance Testing
The HOL-TestGen environment is conceived as a system for modeling and semi-automated test generation with an emphasis on expressive power and generality. However, its underlying technical framework Isabelle/HOL supports the customization as well as the development of highly automated add-ons working in specific application domains. In this paper, we present HOL-TestGen/fw, an add-on for the tes...
متن کاملhol-TestGen/fw - An Environment for Specification-Based Firewall Conformance Testing
The HOL-TestGen environment is conceived as a system for modeling and semi-automated test generation with an emphasis on expressive power and generality. However, its underlying technical framework Isabelle/HOL supports the customization as well as the development of highly automated add-ons working in specific application domains. In this paper, we present HOL-TestGen/fw, an add-on for the tes...
متن کاملFirewall Conformance Testing
Test Cases for Mealy AutomataIdea: Ensure that every transition of a specification automatonMspec is correctly implemented in the implementation automatonMimp.For every transition from state si to state sj do:in generalfor TCP1) Bring Mimp to the initial state s1Use RST2) Transfer Mimp to state si3) Test the transitionUse a Test Tree4) Verify that...
متن کاملFT-FW: A cluster-based fault-tolerant architecture for stateful firewalls
Nowadays, stateful firewalls are part of the critical infrastructure of the Internet. Basically, they help to protect network services and users against attackers by means of access control and protocol conformance checkings. However, stateful firewalls are problematic from the fault-tolerance perspective since they introduce a single point of failure in the network schema. In this work, we sum...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2008