Fireasy: uma ferramenta para auxílio na modelagem de políticas de segurança, tradução e compreensão de configurações de firewalls
Carregando...
Data
2021-12-15
Autores
Queiróz, Leandro Meira Marinho
Título da Revista
ISSN da Revista
Título de Volume
Editor
Universidade Estadual Paulista (Unesp)
Resumo
A internet atualmente é utilizada por mais da metade da população mundial. Se por um lado isso facilita a comunicação e a busca por conhecimento, por outro aumenta a quantidade de incidentes de segurança. Empresas e organizações armazenam quantidades cada vez maiores de dados valiosos, sendo necessária a implementação de mecanismos para protegê-los de pessoas mal-intencionadas. Existem técnicas e procedimentos que visam a aumentar a segurança de sistemas computacionais, seja por meio da proteção física dos servidores, por diretivas realizadas nos sistemas operacionais a fim de dificultar invasões, ou por serviços de proteção entre redes. Os Firewalls fazem parte deste último, tendo como objetivo filtrar os pacotes que entram e saem da rede. Suas configurações dependem de políticas de segurança, as quais consistem em documentos que descrevem o que é permitido trafegar na rede e o que é proibido. A transcrição das políticas de segurança em regras, escritas em linguagem nativa de firewall, que as representam, consiste na principal fonte de erros nas configurações de firewalls. Não existem ferramentas acadêmicas ou de código aberto que permitam representar as regras de firewalls já implementados por meio de elementos gráficos, e que seja possível editá-las para posteriormente traduzi-las novamente para linguagem nativa de firewall. Este trabalho possui o objetivo de apresentar uma ferramenta para modelagem de regras de firewalls além de possibilitar a abstração das regras em elementos gráficos, permitindo editá-las. Por fim, foi conduzido um experimento controlado para validação da abordagem, que indicou uma melhora na tradução de políticas de segurança em regras de firewall utilizando a ferramenta, quando comparada com a abordagem ad-hoc. Na tarefa de compreensão de regras de firewall, houve uma homogeneização do desempenho dos participantes quando eles utilizaram a ferramenta.
T he internet is currently used by more than half of the world’s population. If, on the one hand, this facilitates communication and the search for knowledge, on the other hand, it increases the number of security incidents. Companies and organizations store increasing amounts of valuable data, requiring the implementation of mechanisms to protect them from malicious people. There are techniques and procedures that aim to increase the security of computer systems, either through physical protection of servers, through directives carried out in operating systems in order to hinder intrusions, or through protection services between networks. Firewalls are part of the last one, with the objective of filtering packets that enter and leave the network. Its settings depend on security policies, which consist of documents that describe what is allowed to travel on the network and what is prohibited. The transcription of security policies into rules, written in native firewall language, that represent them, is the main source of errors in firewall configurations. There are no academic or open source tools that allow representing the rules of already implemented firewalls through graphic elements, and that it is possible to edit them to later translate them back into the firewall’s native language. This work has the objective of presenting a tool for modeling firewall rules in addition to allowing the abstraction of rules in graphic elements, allowing them to be edited. Finally, a controlled experiment was conducted to validate the approach, which indicated an improvement in the translation of security policies into firewall rules using the tool, when compared to the ad-hoc approach. In the task of understanding firewall rules, there was a homogenization of the participants’ performance when they used the tool.
T he internet is currently used by more than half of the world’s population. If, on the one hand, this facilitates communication and the search for knowledge, on the other hand, it increases the number of security incidents. Companies and organizations store increasing amounts of valuable data, requiring the implementation of mechanisms to protect them from malicious people. There are techniques and procedures that aim to increase the security of computer systems, either through physical protection of servers, through directives carried out in operating systems in order to hinder intrusions, or through protection services between networks. Firewalls are part of the last one, with the objective of filtering packets that enter and leave the network. Its settings depend on security policies, which consist of documents that describe what is allowed to travel on the network and what is prohibited. The transcription of security policies into rules, written in native firewall language, that represent them, is the main source of errors in firewall configurations. There are no academic or open source tools that allow representing the rules of already implemented firewalls through graphic elements, and that it is possible to edit them to later translate them back into the firewall’s native language. This work has the objective of presenting a tool for modeling firewall rules in addition to allowing the abstraction of rules in graphic elements, allowing them to be edited. Finally, a controlled experiment was conducted to validate the approach, which indicated an improvement in the translation of security policies into firewall rules using the tool, when compared to the ad-hoc approach. In the task of understanding firewall rules, there was a homogenization of the participants’ performance when they used the tool.
Descrição
Palavras-chave
Firewall, Visualização de firewall, SPML, Packet filter, Politicas de segurança, Firewall visualization, Security policies