Sciweavers

CCS
2015
ACM

Identifying the Missing Aspects of the ANSI/ISA Best Practices for Security Policy

8 years 6 months ago
Identifying the Missing Aspects of the ANSI/ISA Best Practices for Security Policy
Firewall configuration is a critical activity for the Supervisory Control and Data Acquisition (SCADA) networks that control power stations, water distribution, factory automation, etc. The American National Standards Institute (ANSI) provides specifications for the best practices in developing high-level security policy [9]. However, firewalls continue to be configured manually, a common but error prone process. Automation can make designing firewall configurations more reliable and their deployment increasingly cost-effective. ANSI best practices lack specification in several key aspects needed to allow a firewall to be automatically configured. In this paper we discuss the missing aspects of the existing best practice specifications and propose solutions. We then apply our corrected best practice specifications to real SCADA firewall configurations and evaluate their usefulness for high-level automated specification of firewalls. Categories and Subject Descriptors C...
Dinesha Ranathunga, Matthew Roughan, Phil Kernick,
Added 17 Apr 2016
Updated 17 Apr 2016
Type Journal
Year 2015
Where CCS
Authors Dinesha Ranathunga, Matthew Roughan, Phil Kernick, Nick Falkner, Hung X. Nguyen
Comments (0)