CFP last date
20 December 2024
Reseach Article

Access Control List Provides Security in Network

by Chate A.b., Chirchi V.r.
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 121 - Number 22
Year of Publication: 2015
Authors: Chate A.b., Chirchi V.r.
10.5120/21831-5090

Chate A.b., Chirchi V.r. . Access Control List Provides Security in Network. International Journal of Computer Applications. 121, 22 ( July 2015), 14-16. DOI=10.5120/21831-5090

@article{ 10.5120/21831-5090,
author = { Chate A.b., Chirchi V.r. },
title = { Access Control List Provides Security in Network },
journal = { International Journal of Computer Applications },
issue_date = { July 2015 },
volume = { 121 },
number = { 22 },
month = { July },
year = { 2015 },
issn = { 0975-8887 },
pages = { 14-16 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume121/number22/21831-5090/ },
doi = { 10.5120/21831-5090 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T23:09:07.322515+05:30
%A Chate A.b.
%A Chirchi V.r.
%T Access Control List Provides Security in Network
%J International Journal of Computer Applications
%@ 0975-8887
%V 121
%N 22
%P 14-16
%D 2015
%I Foundation of Computer Science (FCS), NY, USA
Abstract

A significant component representing network security is access control list inspects values of every packet's field and come to a decision how to implement the network policy. Real-life access control list are naturally four dimensional over fields of four packets such as: IP address of source, destination, port number of destination and type of protocol. In several access control list, the source and destination port number fields make use of a range field constraint while the internet protocol address of source and destination and protocol type fields make use of a prefix or else ternary field constraint. Compression of access control lists is functional for system management of network and optimization for the reason that diminishing large access control lists rule sets to a great extent reduces the difficulty of supervising and optimizing configurations of network. Due to an augment in Internet applications besides enhancement in identified vulnerabilities and attacks, compression lists of access control may perhaps sanction users with outsized access control lists to make use of such devices and moreover this may develop into an increasingly critical concern intended for several users. An algorithm of polynomial time optimal was proposed for the weighted one-dimensional prefix compression problem of Access control lists by means of dynamic programming.

References
  1. A. X Liu , E. Torng, and C. R. Meiners, "Compressing Network Access Control List" ,IEEE Transactions On Parallel and Distributed System, vol. 22, pp. 1969-1977,Dec. 2011
  2. A. X. Liu and M. G. Gouda, "Complete Redundancy Detection in Firewalls," Proc. 19th Ann. IFIP Conf. Data and Applications Security, pp. 196-209, Aug. 2005
  3. D. Rovniagin and A. Wool, "The Geometric Efficient Matching Algorithm for Firewalls," technical report, http://www. eng. tau. ac. il/yash/ees2003-6. ps, July 2003.
  4. D. A. Applegate, G. Calinescu, D. S. Johnson, H. Karloff, K. Ligett, and J. Wang, "Compressing Rectilinear Pictures and Minimizing Access Control Lists," Proc. ACM-SIAM Symp. Discrete Algorithms (SODA), Jan. 2007.
  5. Y. -W. E. Sung, X. Sun, S. G. Rao, G. G. Xie, and D. A. Maltz, "Towards Systematic Design of Enterprise Networks," IEEE Trans. Networking, vol. 19, no. 3, pp. 695-708, June 2011.
  6. A. X. Liu and M. G. Gouda, "Complete Redundancy Removal for Packet Classifiers in TCAMs," IEEE Trans. Parallel and Distributed Systems, vol. 21, no. 4, pp. 424-437, Apr. 2010.
  7. Q. Dong, S. Banerjee, J. Wang, D. Agrawal, and A. Shukla, "Packet Classifiers in Ternary CAMs Can Be Smaller," Proc. ACM Joint Int'l Conf. Measurement and Modeling of Computer Systems (SIGMETRICS), pp. 311-322, 2006.
  8. A. X. Liu, Y. Zhou, and C. R. Meiners, "All-Match Based Complete Redundancy Removal for Packet Classifiers in TCAMs," Proc. IEEE INFOCOM, Apr. 2008.
  9. M. G. Gouda and A. X. Liu, "Firewall Design: Consistency, Completeness and Compactness," Proc. IEEE 24th Int'l Conf. Distributed Computing Systems, pp. 320-327, Mar. 2004.
  10. C. R. Meiners, A. X. Liu, and E. Torng, "Bit Weaving: A Non-Prefix Approach to Compressing Packet Classifiers in TCAMs," Proc. IEEE Int'l Conf. Network Protocol (ICNP), 2009.
  11. A. X. Liu, C. R. Meiners, and E. Torng, "TCAM Razor: A Systematic Approach towards Minimizing Packet Classifiers in TCAMs," IEEE Trans. Networking, vol. 18, no. 2, pp. 490-500, Apr. 2010.
  12. M. G. Gouda and A. X. Liu, "Structured Firewall Design," Computer Networks: The Int'l J. Computer and Telecomm. Networking, vol. 51, no. 4, pp. 1106-1120, Mar. 2007.
  13. Y. -W. E. Sung, X. Sun, S. G. Rao, G. G. Xie, and D. A. Maltz, "Towards Systematic Design of Enterprise Networks," Proc. ACM CoNEXT Conf. , 2008.
  14. A. X. Liu and M. G. Gouda, "Diverse Firewall Design," IEEE Trans. Parallel and Distributed Systems, vol. 19, no. 8, pp. 1237- 1251, Sept. 2008.
  15. M. Yu, J. Rexford, M. J. Freedman, and J. Wang, "Scalable Flow- Based Networking with DIFANE," Proc. ACM SIGCOMM, 2010
Index Terms

Computer Science
Information Sciences

Keywords

Access control list Dynamic programming Access control lists compression polynomial time optimal