{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,4]],"date-time":"2025-06-04T04:18:02Z","timestamp":1749010682734,"version":"3.41.0"},"publisher-location":"Cham","reference-count":21,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319414829"},{"type":"electronic","value":"9783319414836"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-41483-6_19","type":"book-chapter","created":{"date-parts":[[2016,7,1]],"date-time":"2016-07-01T11:09:11Z","timestamp":1467371351000},"page":"268-284","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Reasoning About Firewall Policies Through Refinement and Composition"],"prefix":"10.1007","author":[{"given":"Ultan","family":"Neville","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Simon N.","family":"Foley","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2016,7,2]]},"reference":[{"key":"19_CR1","unstructured":"Linux iptables - CLI for configuring the Linux kernel firewall, Netfilter. http:\/\/www.netfilter.org\/projects\/iptables\/index.html"},{"key":"19_CR2","doi-asserted-by":"crossref","unstructured":"Ad\u00e3o, P., Bozzato, C., Dei Rossi, G., Focardi, R., Luccio, F.L.: Mignis: a semantic based tool for firewall configuration. In: Proceedings of the 2014 IEEE 27th Computer Security Foundations Symposium, pp. 351\u2013365. IEEE (2014)","DOI":"10.1109\/CSF.2014.32"},{"key":"19_CR3","series-title":"The International Federation for Information Processing","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1007\/978-0-387-35674-7_2","volume-title":"Integrated Network Management VIII","author":"E Al-Shaer","year":"2003","unstructured":"Al-Shaer, E., Hamed, H.: Firewall policy advisor for anomaly discovery and rule editing. In: Goldszmidt, G., Sch\u00f6nw\u00e4lder, J. (eds.) Integrated Network Management VIII. IFIP, vol. 246, pp. 17\u201330. Springer, New York (2003)"},{"issue":"10","key":"19_CR4","doi-asserted-by":"publisher","first-page":"2069","DOI":"10.1109\/JSAC.2005.854119","volume":"23","author":"E Al-Shaer","year":"2005","unstructured":"Al-Shaer, E., Hamed, H., Boutaba, R., Hasan, M.: Conflict classification and analysis of distributed firewall policies. IEEE J. Sel. Areas Commun. 23(10), 2069\u20132084 (2005)","journal-title":"IEEE J. Sel. Areas Commun."},{"key":"19_CR5","series-title":"American Mathemical Society Colloquium Publications","volume-title":"Lattice Theory","author":"G Birkhoff","year":"1967","unstructured":"Birkhoff, G.: Lattice Theory. American Mathemical Society Colloquium Publications, vol. XXV, 3rd edn. American Mathemical Society, Providence (1967)","edition":"3"},{"issue":"1","key":"19_CR6","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1002\/stvr.1544","volume":"25","author":"AD Brucker","year":"2015","unstructured":"Brucker, A.D., Br\u00fcgger, L., Wolff, B.: Formal firewall conformance testing: an application of test and proof techniques. Softw. Test. Verif. Reliab. 25(1), 34\u201371 (2015)","journal-title":"Softw. Test. Verif. Reliab."},{"key":"19_CR7","doi-asserted-by":"crossref","unstructured":"Cotton, M., Vegoda, L.: Special Use IPv4 Addresses. RFC 5735, January 2010","DOI":"10.17487\/rfc5735"},{"key":"19_CR8","unstructured":"Cuppens, F., Cuppens-Boulahia, N., Garc\u00eda-Alfaro, J.: Detection and removal of firewall misconfiguration. In: Proceedings of the 2005 IASTED International Conference on Communication, Network and Information Security, vol. 1, pp. 154\u2013162 (2005)"},{"key":"19_CR9","series-title":"International Federation for Information Processing","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1007\/0-387-24098-5_15","volume-title":"Formal Aspects in Security and Trust","author":"F Cuppens","year":"2005","unstructured":"Cuppens, F., Cuppens-Boulahia, N., Sans, T., Mi\u00e8ge, A.: A formal approach to specify and deploy a network security policy. In: Dimitrakos, T., Martinelli, F. (eds.) Formal Aspects in Security and Trust. IFIP, vol. 173, pp. 203\u2013218. Springer, New York (2005)"},{"issue":"1","key":"19_CR10","first-page":"14","volume":"18","author":"WM Fitzgerald","year":"2013","unstructured":"Fitzgerald, W.M., Neville, U., Foley, S.N.: MASON: mobile autonomic security for network access controls. J. Inf. Secur. Appl. (JISA) 18(1), 14\u201329 (2013)","journal-title":"J. Inf. Secur. Appl. (JISA)"},{"key":"19_CR11","doi-asserted-by":"crossref","unstructured":"Foley, S.N.: The specification and implementation of commercial security requirements including dynamic segregation of duties. In: ACM Conference on Computer and Communications Security, pp. 125\u2013134 (1997)","DOI":"10.1145\/266420.266447"},{"key":"19_CR12","doi-asserted-by":"crossref","unstructured":"Foley, S.N., Neville, U.: A firewall algebra for openstack. In: 2015 IEEE Conference on Communications and Network Security, CNS 2015, Florence, Italy, 28\u201330 September 2015, pp. 541\u2013549 (2015)","DOI":"10.1109\/CNS.2015.7346867"},{"key":"19_CR13","doi-asserted-by":"crossref","unstructured":"Hari, A., Suri, S., Parulkar, G.: Detecting and resolving packet filter conflicts. In: Proceedings of the IEEE Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies, vol. 3, pp. 1203\u20131212. IEEE (2000)","DOI":"10.1109\/INFCOM.2000.832496"},{"key":"19_CR14","doi-asserted-by":"publisher","first-page":"441","DOI":"10.1007\/978-1-4471-3756-6_19","volume-title":"Proceedings of the 4th Refinement Workshop","author":"JL Jacob","year":"1991","unstructured":"Jacob, J.L.: The varieties of refinement. In: Morris, J.M., Shaw, R.C. (eds.) Proceedings of the 4th Refinement Workshop, pp. 441\u2013455. Springer, Heidelberg (1991)"},{"issue":"2","key":"19_CR15","doi-asserted-by":"publisher","first-page":"214","DOI":"10.1145\/383891.383894","volume":"26","author":"S Jajodia","year":"2001","unstructured":"Jajodia, S., Samarati, P., Sapino, M.L., Subrahmanian, V.S.: Flexible support for multiple access control policies. ACM Trans. Database Syst. 26(2), 214\u2013260 (2001)","journal-title":"ACM Trans. Database Syst."},{"key":"19_CR16","doi-asserted-by":"crossref","unstructured":"Jarraya, Y., Eghtesadi, A., Debbabi, M., Zhang, Y., Pourzandi, M.: Cloud calculus: security verification in elastic cloud computing platform. In: 2012 International Conference on Collaboration Technologies and Systems (CTS), pp. 447\u2013454. IEEE (2012)","DOI":"10.1109\/CTS.2012.6261089"},{"key":"19_CR17","doi-asserted-by":"crossref","unstructured":"Jeffrey, A., Samak, T.: Model checking firewall policy configurations. In: IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2009, pp. 60\u201367. IEEE (2009)","DOI":"10.1109\/POLICY.2009.32"},{"key":"19_CR18","unstructured":"Levine, L.: (Lemma 3, Example 6.) Algebraic Combinatorics, Lecture 8, March 2011. http:\/\/www.math.cornell.edu\/~levine\/18.312\/alg-comb-lecture-8.pdf"},{"key":"19_CR19","unstructured":"Spivey, J.M.: The Z Notation: A Reference Manual. Series in Computer Science, 2nd edn. Prentice Hall International (1992)"},{"key":"19_CR20","doi-asserted-by":"crossref","unstructured":"Yuan, L., Chen, H., Mai, J., Chuah, C., Su, Z., Mohapatra, P.: Fireman: a toolkit for firewall modeling and analysis. In: 2006 IEEE Symposium on Security and Privacy, pages 15, pp. 199\u2013213. IEEE (2006)","DOI":"10.1109\/SP.2006.16"},{"key":"19_CR21","unstructured":"Zhao, H., Bellovin, S.M.: Policy algebras for hybrid firewalls. Technical report CUCS-017-07, Department of Computer Science, Columbia University, March 2007"}],"container-title":["Lecture Notes in Computer Science","Data and Applications Security and Privacy XXX"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-41483-6_19","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,3]],"date-time":"2025-06-03T23:33:18Z","timestamp":1748993598000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-41483-6_19"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319414829","9783319414836"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-41483-6_19","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"2 July 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}