Abstract
At present, the security strategy of the lower boundary protection equipment of the power system can no longer meet the needs of the current business growth. A large number of redundant strategies cause the protection performance of the boundary firewall to decline. At the same time, the large number of business growth causes the network boundary order of the power grid system to be blurred. In order to prevent the paralysis and partial collapse of the network and ensure the reliability and integrity of the power business data and enterprise information, this paper develops a smart border firewall optimization tool. This tool can not only integrate the security device policies of different manufacturers through Simple Policy Specification Description Language (SPSDL), but also prioritize security rules according to the frequency of use through keyword filtering algorithms and rule optimization decision trees, then realize the classification, streamlining, optimization and upgrading of firewall security rules. The research results show that the power system firewall can achieve an accuracy rate of more than 90% when the strategy is imported. The rule optimization part can reduce the unique correlation addition index of this paper to about 0.2, which solves the problem of firewall security strategy import language diversification. It further eases the pressure of firewall policy redundancy under the power system.
This work was supported by the State Grid Zhejiang Electric Power Co., Ltd. Technology Project (No. 5211XT22000D).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Tao, L., Golikov, S., et al.: A reusable software component for integrated syntax and semantic validation for services computing. In: IEEE Symposium on SOSE, pp. 127–132 (2015)
Li, J., Ming, Z., et al.: Resource allocation robustness in multi-core embedded systems with inaccurate information. JSA 57(9), 840–849 (2011)
Qiu, M., Ming, Z., et al.: Three-phase time-aware energy minimization with DVFS and unrolling for chip multiprocessors. J. Syst. Archit. 58(10), 439–445 (2012)
Qiu, M., Li, H., Sha, E.: Heterogeneous real-time embedded software optimization considering hardware platform. In: ACM Symposium on Applied Computing, pp. 1637–1641 (2009)
Qiu, M., et al.: Efficent algorithm of energy minimization for heterogeneous wireless sensor network. In: Sha, E., et al. (eds.) EUC 2006. LNCS, vol. 4096, pp. 25–34. Springer, Heidelberg (2006). https://doi.org/10.1007/11802167_5
Niu, J., Gao, Y., Qiu, M., Ming, Z.: Selecting proper wireless network interfaces for user experience enhancement with guaranteed probability. JPDC 72(12), 1565–1575 (2012)
Hu, F., Lakdawala, S., et al.: Low-power, intelligent sensor hardware interface for medical data preprocessing. IEEE Trans. Inf. Technol. Biomed. 13(4), 656–663 (2009)
Jian-bing, L.I.U., Xu-yan, M.A., Xiao-hong, W.A.N.G., Zhen-xin, W.A.N.G.: Security policy of active security network architecture. Inf. Secur. Res. 7(11), 998–1006 (2021)
Ming, H.A.N.: Internal network security policy. Inf. Comput. 04, 157–158 (2018)
Yan, Z.: Optimization of communication network firewall strategy. Comput. Knowl. Technol. 17(07), 46–47+53 (2021). https://doi.org/10.14004/j.cnki.ckt. 2021.0724
Lupu, E., Sloman, M.: Conflict analysis for management policies. In: Lazar, A.A., Saracco, R., Stadler, R. (eds.) Integrated Network Management V. IM 1997. IFIP — The International Federation for Information Processing, pp. 430–443. Springer, Boston (1997). https://doi.org/10.1007/978-0-387-35180-3_32
Bartal, Y., Mayer, A., Nissim, K., et al.: Firmato: a novel firewall management toolkit. ACM Trans. Comput. Syst. (TOCS) 22(4), 381–420 (2004)
Hu, H., Ahn, G.J., Kulkarni, K.: Detecting and resolving firewall policy anomalies. IEEE Trans. Dependable Secure Comput. 9(3), 318–331 (2012)
Han, G., Wang, W., Sheng, H.: Research on firewall strategy sorting and optimization method. Electr. Power Inf. Commun. Technol. 16(06), 31–35 (2018)
Liu, A.X., Li, R.: Collaborative enforcement of firewall policies in virtual private networks. In: Liu, A.X., Li, R. (eds.) Algorithms for Data and Computation Privacy, pp. 139–170. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-58896-0_6
Gao, Z., Zhang, Y., et al.: Improved mayfly algorithm and its application in firewall policy configuration. J. Shaanxi Univ. Sci. Technol. (Nat. Sci. Ed.) 38(02), 41–48 (2022)
Liu, K.: Research and Implementation of Firewall Deep Packet Detection Technology. Beijing University of Posts and Telecommunications (2013)
Ren, Z.: Research on Key Technologies of Firewall Security Policy Configuration. National University of Defense Science and Technology (2011)
Chen, X.: Analysis of security policy conflicts in multi device firewalls. Comput. CD Softw. Appl. (02), 104+102 (2012)
Deng, W., Liang, Y.: Semantic analysis method of firewall security policy. Comput. Eng. Appl. (26), 135–137 (2007)
Wang, B.: Active Security Policy Firewall Based on Honeynet. Beijing University of Posts and Telecommunications (2010)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Zhang, C., Mao, D., Cui, L., Sun, J., Yang, F., Cao, C. (2023). Research on Power Border Firewall Policy Import and Optimization Tool. In: Qiu, M., Lu, Z., Zhang, C. (eds) Smart Computing and Communication. SmartCom 2022. Lecture Notes in Computer Science, vol 13828. Springer, Cham. https://doi.org/10.1007/978-3-031-28124-2_51
Download citation
DOI: https://doi.org/10.1007/978-3-031-28124-2_51
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-28123-5
Online ISBN: 978-3-031-28124-2
eBook Packages: Computer ScienceComputer Science (R0)