Arosha K. Bandara, Antonis C. Kakas, Emil C. Lupu & Alessandra Russo (2009):
Using argumentation logic for firewall configuration management.
In: IFIP/IEEE International Symposium on Integrated Network Management.
IEEE,
pp. 180–187,
doi:10.1109/INM.2009.5188808.
Yair Bartal, Alain Mayer, Kobbi Nissim & Avishai Wool (1999):
Firmato: A novel firewall management toolkit.
In: IEEE Symposium on Security and Privacy.
IEEE,
pp. 17–31,
doi:10.1109/SECPRI.1999.766714.
M. Bishop (2003):
Computer Security: Art and Science.
Addison-Wesley.
Achim D. Brucker, Lukas Brügger & Burkhart Wolff (2008):
Model-based Firewall Conformance Testing.
In: Testing of Software and Communicating Systems.
Springer,
pp. 103–118,
doi:10.1007/978-3-540-68524-1_9.
Achim D. Brucker, Lukas Brügger & Burkhart Wolff (2013):
HOL-TestGen/FW: An Environment for Specification-based Firewall Conformance Testing.
In: International Colloquium on Theoretical Aspects of Computing – ICTAC 2013,
Lecture Notes in Computer Science 8049.
Springer Berlin Heidelberg,
pp. 112–121,
doi:10.1007/978-3-642-00593-0_28.
Bundesamt für Sicherheit in der Informationstechnik (2013):
Technische Richtlinie BSI TR-03109-1 – Anforderungen an die Interoperabilität der Kommunikationseinheit eines intelligenten Messsystems,
1.0 edition.
https://www.bsi.bund.de.
Cornelius Diekmann, Stephan-A. Posselt, Heiko Niedermayer, Holger Kinkelin, Oliver Hanka & Georg Carle (2014):
Verifying Security Policies using Host Attributes.
In: Proc. FORTE.
Springer,
Berlin, Germany.
Available at http://www.net.in.tum.de/pub/diekmann/forte14.pdf.
To appear.
J. D. Guttman (1997):
Filtering postures: local enforcement for global policies.
In: Proceedings of the 1997 IEEE Symposium on Security and Privacy,
Washington, DC, USA,
doi:10.1109/SECPRI.1997.601327.
Joshua D. Guttman & Amy L. Herzog (2005):
Rigorous automated network security management.
International Journal of Information Security 4,
pp. 29–48,
doi:10.1007/s10207-004-0052-x.
Andrew H. R. Hansen (2012):
Protecting Critical Infrastructure.
ASA Institute for Risk & Innovation,
pp. 1–12.
http://anniesearle.com/web-services/Documents/ResearchNotes/ASA_ResearchNote_ProtectingCriticalInfrastructure_June2012.pdf.
Jeremy Kirk (2010):
Verizon: Data breaches often caused by configuration errors.
networkworld.
http://www.networkworld.com/news/2010/072910-verizon-data-breaches-often-caused.html.
Tobias Nipkow, Lawrence C. Paulson & Markus Wenzel (2002, last updated 2013):
Isabelle/HOL: A Proof Assistant for Higher-Order Logic.
LNCS 2283.
Springer.
Available at http://isabelle.in.tum.de/doc/tutorial.pdf.
S. Pozo, R. Ceballos & R. M. Gasca (2007):
CSP-Based Firewall Rule Set Diagnosis using Security Policies.
International Conference on Availability, Reliability and Security,
pp. 723–729,
doi:10.1109/ARES.2007.63.
R.W. Ritchey & P. Ammann (2000):
Using model checking to analyze network vulnerabilities.
In: IEEE Symposium on Security and Privacy,
pp. 156–165,
doi:10.1109/SECPRI.2000.848453.
Justine Sherry, Shaddi Hasan, Colin Scott, Arvind Krishnamurthy, Sylvia Ratnasamy & Vyas Sekar (2012):
Making middleboxes someone else's problem: Network processing as a cloud service.
ACM SIGCOMM Computer Communication Review 42(4),
pp. 13–24,
doi:10.1145/2377677.2377680.
Verizon Business RISK team & United States Secret Service (2010):
2010 Data Breach Investigations Report.
http://www.verizonenterprise.com/resources/reports/rp_2010-DBIR-combined-reports_en_xg.pdf.
Avishai Wool (2004):
A quantitative study of firewall configuration errors.
Computer, IEEE 37(6),
pp. 62 – 67,
doi:10.1109/MC.2004.2.
Avishai Wool (2004):
The use and usability of direction-based filtering in firewalls.
Computers & Security 23(6),
pp. 459–468,
doi:10.1016/j.cose.2004.02.003.
Lihua Yuan, Hao Chen, Jianning Mai, Chen-Nee Chuah, Zhendong Su & P. Mohapatra (2006):
FIREMAN: a toolkit for firewall modeling and analysis.
In: IEEE Symposium on Security and Privacy,
pp. 199–213,
doi:10.1109/SP.2006.16.