Firewall Policy Modeling, Analysis and Simulation: A Survey

Computer firewalls are widely used for security policy enforcement and access control. Current firewalls use various processing models and are configured using their own policy description languages. This paper will try to survey research e orts in the area of formalization of firewall operational semantics and policy description languages and applications of such formal models and languages for firewall simulation, policy optimization, detection of configuration errors and enterprise security policy compliance testing.