@Article{2017TNET,
  author    = {Fulvio Valenza and Cataldo Basile and Daniele Canavese and Antonio Lioy},
  doi       = {10.1109/TNET.2017.2708096},
  journal   = {{IEEE/ACM} Transactions on Networking},
  number    = {5},
  pages     = {2601--2614},
  title     = {Classification and Analysis of Communication Protection Policy Anomalies},
  volume    = {25},
  year      = {2017},
  abstract={This paper presents a classification of the anomalies that can appear when designing or implementing communication protection policies. Together with the already known intra- and inter-policy anomaly types, we introduce a novel category, the inter-technology anomalies, related to security controls implementing different technologies, both within the same network node and among different network nodes. Through an empirical assessment, we prove the practical significance of detecting this new anomaly class. Furthermore, this paper introduces a formal model, based on first-order logic rules that analyses the network topology and the security controls at each node to identify the detected anomalies and suggest the strategies to resolve them. This formal model has manageable computational complexity and its implementation has shown excellent performance and good scalability. © 2017 IEEE.},
  keywords={VPN,  Policy Analysis},
  url       = {https://iris.polito.it/retrieve/handle/11583/2673838/426540/2017TNET_author.pdf},
 }

{"_id":"8wYPTDHEv2jTGp4fb","bibbaseid":"valenza-basile-canavese-lioy-classificationandanalysisofcommunicationprotectionpolicyanomalies-2017","authorIDs":["anJrBcCdr4LzzWetx"],"author_short":["Valenza, F.","Basile, C.","Canavese, D.","Lioy, A."],"bibdata":{"bibtype":"article","type":"article","author":[{"firstnames":["Fulvio"],"propositions":[],"lastnames":["Valenza"],"suffixes":[]},{"firstnames":["Cataldo"],"propositions":[],"lastnames":["Basile"],"suffixes":[]},{"firstnames":["Daniele"],"propositions":[],"lastnames":["Canavese"],"suffixes":[]},{"firstnames":["Antonio"],"propositions":[],"lastnames":["Lioy"],"suffixes":[]}],"doi":"10.1109/TNET.2017.2708096","journal":"IEEE/ACM Transactions on Networking","number":"5","pages":"2601–2614","title":"Classification and Analysis of Communication Protection Policy Anomalies","volume":"25","year":"2017","abstract":"This paper presents a classification of the anomalies that can appear when designing or implementing communication protection policies. Together with the already known intra- and inter-policy anomaly types, we introduce a novel category, the inter-technology anomalies, related to security controls implementing different technologies, both within the same network node and among different network nodes. Through an empirical assessment, we prove the practical significance of detecting this new anomaly class. Furthermore, this paper introduces a formal model, based on first-order logic rules that analyses the network topology and the security controls at each node to identify the detected anomalies and suggest the strategies to resolve them. This formal model has manageable computational complexity and its implementation has shown excellent performance and good scalability. © 2017 IEEE.","keywords":"VPN, Policy Analysis","url":"https://iris.polito.it/retrieve/handle/11583/2673838/426540/2017TNET_author.pdf","bibtex":"@Article{2017TNET,\r\n author = {Fulvio Valenza and Cataldo Basile and Daniele Canavese and Antonio Lioy},\r\n doi = {10.1109/TNET.2017.2708096},\r\n journal = {{IEEE/ACM} Transactions on Networking},\r\n number = {5},\r\n pages = {2601--2614},\r\n title = {Classification and Analysis of Communication Protection Policy Anomalies},\r\n volume = {25},\r\n year = {2017},\r\n abstract={This paper presents a classification of the anomalies that can appear when designing or implementing communication protection policies. Together with the already known intra- and inter-policy anomaly types, we introduce a novel category, the inter-technology anomalies, related to security controls implementing different technologies, both within the same network node and among different network nodes. Through an empirical assessment, we prove the practical significance of detecting this new anomaly class. Furthermore, this paper introduces a formal model, based on first-order logic rules that analyses the network topology and the security controls at each node to identify the detected anomalies and suggest the strategies to resolve them. This formal model has manageable computational complexity and its implementation has shown excellent performance and good scalability. © 2017 IEEE.},\r\n keywords={VPN, Policy Analysis},\r\n url = {https://iris.polito.it/retrieve/handle/11583/2673838/426540/2017TNET_author.pdf},\r\n }\r\n\r\n \r\n ","author_short":["Valenza, F.","Basile, C.","Canavese, D.","Lioy, A."],"key":"2017TNET","id":"2017TNET","bibbaseid":"valenza-basile-canavese-lioy-classificationandanalysisofcommunicationprotectionpolicyanomalies-2017","role":"author","urls":{"Paper":"https://iris.polito.it/retrieve/handle/11583/2673838/426540/2017TNET_author.pdf"},"keyword":["VPN","Policy Analysis"],"metadata":{"authorlinks":{"valenza, f":"https://bibbase.org/show?bib=https%3A%2F%2Fraw.githubusercontent.com%2FFulvioValenza%2Fbibliography%2Fmain%2FValenza_bibliography.bib"}},"downloads":4},"bibtype":"article","biburl":"https://raw.githubusercontent.com/FulvioValenza/bibliography/main/Valenza_bibliography.bib","creationDate":"2021-01-16T10:07:49.758Z","downloads":4,"keywords":["vpn","policy analysis"],"search_terms":["classification","analysis","communication","protection","policy","anomalies","valenza","basile","canavese","lioy"],"title":"Classification and Analysis of Communication Protection Policy Anomalies","year":2017,"dataSources":["JbiX35GNqPCF3nids","csYhy47rJJgSM7jjJ"]}