RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Usable Firewall Rule Sets
Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap. (PriSec)ORCID-id: 0000-0001-9203-0773
2017 (engelsk)Licentiatavhandling, med artikler (Annet vitenskapelig)
Abstract [en]

Correct functioning is the most important requirement for any system. Nowadays there are a lot of threats to computer systems that undermine confidence in them and, as a result, force a user to abandon their use. Hence, a system cannot be trusted if there is no proper security provided. Firewalls are an essential component of network security and there is an obvious need for their use.

The level of security provided by a firewall depends on how well it is configured. Thus, to ensure the proper level of network security, it is necessary to have properly configured firewalls. However, setting up the firewall correctly is a very challenging task. These configuration files might be hard to understand even for system administrators. This is due to the fact that these configuration files have a certain structure: the higher the position of a rule in the rule set, the higher priority it has. Challenging problems arise when a new rule is being added to the set, and a proper position, where to place it, needs to be found. Misconfiguration might sooner or later be made and that will lead to an inappropriate system's security. This brings us to the usability problem associated with the configuration of firewalls.

The overall aim of this thesis is to identify existing firewall usability gaps and to mitigate them. To achieve the first part of the objective, we conducted a series of interviews with system administrators. In the interviews, system administrators were asked about the problems they face when dealing with firewalls. After having ascertained that the usability problems exist, we turned to literature to get an understanding on the state-of-the-art of the field and therefore conducted a systematic literature review. This review presents a classification of available solutions and identifies open challenges in this area. To achieve the second part of the objective, we started working on one identified challenge. A set of usability metrics was proposed and mathematically formalized. A strong correlation between our metrics and how system administrators describe usability was identified.

Abstract [en]

Network security is an important aspect that must be taken into account. Firewalls are systems that are used to make sure that authorized network traffic is allowed and unauthorized traffic is prohibited. However, setting up a firewall correctly is a challenging task. Their configuration files might be hard to understand even for system administrators.

The overall aim of this thesis is to identify firewall usability gaps and to mitigate them. To achieve the first part of the objective, we conduct a series of interviews with system administrators. In the interviews, system administrators are asked about the problems they face when dealing with firewalls. After having ascertained that the usability problems exist, we conduct a systematic literature review to get an understanding on the state of the art of the field. This review classifies available solutions and identifies open challenges. To achieve the second part of the objective, a set of usability metrics is proposed and mathematically formalized. A strong correlation between our metrics and how system administrators describe usability is identified.

sted, utgiver, år, opplag, sider
Karlstads universitet, 2017. , 11 s.
Serie
Karlstad University Studies, ISSN 1403-8099 ; 2017:40
Emneord [en]
Network Security, Usable Security, Firewall Configuration, Systematic Literature Review, Usability Metrics, User Studies
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
URN: urn:nbn:se:kau:diva-64703ISBN: 978-91-7063-817-6 (tryckt)ISBN: 978-91-7063-912-8 (digital)OAI: oai:DiVA.org:kau-64703DiVA: diva2:1150051
Presentation
2017-11-27, 9C 204, Rejmersalen, Karlstad, 13:15 (engelsk)
Opponent
Veileder
Forskningsfinansiär
Knowledge Foundation
Tilgjengelig fra: 2017-11-08 Laget: 2017-10-17 Sist oppdatert: 2017-11-08bibliografisk kontrollert
Delarbeid
1. Challenges in Managing Firewalls
Åpne denne publikasjonen i ny fane eller vindu >>Challenges in Managing Firewalls
2015 (engelsk)Inngår i: Secure IT Systems: 20th Nordic Conference, NordSec 2015, Stockholm, Sweden, October 19–21, 2015, Proceedings, Springer, 2015, Vol. 9417, 191-196 s.Konferansepaper, Publicerat paper (Fagfellevurdert)
sted, utgiver, år, opplag, sider
Springer, 2015
Serie
Lecture Notes in Computer Science, ISSN 0302-9743 ; 9417
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
urn:nbn:se:kau:diva-39073 (URN)10.1007/978-3-319-26502-5_13 (DOI)000374098500013 ()978-3-319-26501-8 (ISBN)
Konferanse
The 20th Nordic Conference on Secure IT Systems, NordSec 2015, Stockholm, Sweden, October 19–21, 2015
Tilgjengelig fra: 2016-01-19 Laget: 2016-01-19 Sist oppdatert: 2017-10-17bibliografisk kontrollert
2. Systematic Literature Review on Usability of Firewall Configuration
Åpne denne publikasjonen i ny fane eller vindu >>Systematic Literature Review on Usability of Firewall Configuration
(engelsk)Manuskript (preprint) (Annet vitenskapelig)
HSV kategori
Identifikatorer
urn:nbn:se:kau:diva-64701 (URN)
Tilgjengelig fra: 2017-10-17 Laget: 2017-10-17 Sist oppdatert: 2017-10-17
3. Measuring the Usability of Firewall Rule Sets
Åpne denne publikasjonen i ny fane eller vindu >>Measuring the Usability of Firewall Rule Sets
(engelsk)Manuskript (preprint) (Annet vitenskapelig)
HSV kategori
Identifikatorer
urn:nbn:se:kau:diva-64702 (URN)
Tilgjengelig fra: 2017-10-17 Laget: 2017-10-17 Sist oppdatert: 2017-10-17

Open Access i DiVA

fulltext(324 kB)7 nedlastinger
Filinformasjon
Fil FULLTEXT02.pdfFilstørrelse 324 kBChecksum SHA-512
6bdce064c44cbe12bb11e09f3c61b6cc8dc80168553aaaf4056f18faeb665f7e165536b9e407dd9d5ae20739903defe50795ff22cbbd7021b4225bffe8553d88
Type fulltextMimetype application/pdf

Søk i DiVA

Av forfatter/redaktør
Voronkov, Artem
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar
Totalt: 7 nedlastinger
Antall nedlastinger er summen av alle nedlastinger av alle fulltekster. Det kan for eksempel være tidligere versjoner som er ikke lenger tilgjengelige

isbn
urn-nbn

Altmetric

isbn
urn-nbn
Totalt: 69 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf