{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,29]],"date-time":"2026-04-29T03:46:59Z","timestamp":1777434419561,"version":"3.51.4"},"reference-count":53,"publisher":"SAGE Publications","issue":"2-3","license":[{"start":{"date-parts":[[2016,11,3]],"date-time":"2016-11-03T00:00:00Z","timestamp":1478131200000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc\/4.0\/"}],"content-domain":{"domain":["journals.sagepub.com"],"crossmark-restriction":true},"short-container-title":["Argument & Computation"],"published-print":{"date-parts":[[2016,11,28]]},"abstract":"Firewalls are an important tool in the assurance of network security. Packet filtering firewalls are configured by providing a set of rules that identify how to handle individual data packets that arrive at the firewall. In large firewall configurations, conflicts may arise between these rules. Argumentation provides a way of handling conflicts such that their origin is illuminated, and hence can help a system administrator understand the effects of a given configuration. To show how argumentation might help in this domain we examine the use of a system of metalevel argumentation for firewall configuration, showing how it makes conflicts and their origins clear, and showing how different instantiations of a metalevel argumentation system provide alternative ways to resolve conflicts.<\/jats:p>","DOI":"10.3233\/aac-160008","type":"journal-article","created":{"date-parts":[[2016,11,29]],"date-time":"2016-11-29T11:25:35Z","timestamp":1480418735000},"page":"201-221","update-policy":"https:\/\/doi.org\/10.1177\/sage-journals-update-policy","source":"Crossref","is-referenced-by-count":2,"title":["Firewall configuration: An application of multiagent metalevel argumentation"],"prefix":"10.1177","volume":"7","author":[{"given":"Andy","family":"Applebaum","sequence":"first","affiliation":[{"name":"The MITRE Corporation, McLean, VA 22102, USA"}]},{"given":"Zimi","family":"Li","sequence":"additional","affiliation":[{"name":"Department of Computer Science, The Graduate Center, City University of New York, New York, NY\u00a010016, USA"}]},{"given":"Karl","family":"Levitt","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of California, Davis, CA 95616, USA"}]},{"given":"Simon","family":"Parsons","sequence":"additional","affiliation":[{"name":"Department of Informatics, King\u2019s College London, Strand, London WC2R 2LS, UK"}]},{"given":"Jeff","family":"Rowe","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of California, Davis, CA 95616, USA"}]},{"given":"Elizabeth I.","family":"Sklar","sequence":"additional","affiliation":[{"name":"Department of Informatics, King\u2019s College London, Strand, London WC2R 2LS, UK"}]}],"member":"179","published-online":{"date-parts":[[2016,11,3]]},"reference":[{"key":"ref001","doi-asserted-by":"crossref","unstructured":"N.Ajmeri, C.W.Hang, S.Parsons and M.Singh, Aragorn: Eliciting and maintaining secure service policies, 2016 (in submission).","DOI":"10.1109\/MC.2017.4451210"},{"key":"ref002","doi-asserted-by":"crossref","unstructured":"E.Al-Shaer and H.Hamed, Firewall policy advisor for anomaly discovery and rule editing, in: Integrated Network Management, 2003. IFIP\/IEEE Eighth International Symposium on, IEEE, 2003, pp.\u00a017\u201330. doi:10.1109\/INM.2003.1194157.","DOI":"10.1007\/978-0-387-35674-7_2"},{"key":"ref003","doi-asserted-by":"crossref","unstructured":"E.Al-Shaer and H.Hamed, Discovery of policy anomalies in distributed firewalls, in: INFOCOM 2004. Twenty-Third AnnualJoint Conference of the IEEE Computer and Communications Societies, Vol. 4, IEEE, 2004, pp.\u00a02605\u20132616.","DOI":"10.1109\/INFCOM.2004.1354680"},{"key":"ref004","unstructured":"L.Amgoud and C.Cayrol, On the acceptability of arguments in preference-based argumentation framework, in: Proceedings of the 14th Conference on Uncertainty in Artificial Intelligence, 1998, pp.\u00a01\u20137."},{"key":"ref005","doi-asserted-by":"publisher","DOI":"10.1023\/A:1014490210693"},{"key":"ref006","doi-asserted-by":"crossref","unstructured":"A.Applebaum, K.N.Levitt, J.Rowe and S.Parsons, Arguing about firewall policy, in: Proceedings of the 4th International Conference on Computational Models of Argument, IOS Press, Vienna, Austria, 2012, pp.\u00a091\u2013102.","DOI":"10.3233\/978-1-61499-111-3-91"},{"key":"ref007","unstructured":"A.Applebaum, Z.Li, A.R.Syed, K.Levitt, S.Parsons, J.Rowe and E.I.Sklar, Firewall configuration: An application of multiagent metalevel argumentation, in: Proceedings of the Workshop on Argumentation in Multiagent Systems (ArgMAS) at Autonomous Agents and MultiAgent Systems (AAMAS), Valencia, Spain, 2012."},{"key":"ref008","doi-asserted-by":"crossref","unstructured":"A.Bandara, A.Kakas, E.Lupu and A.Russo, Using argumentation logic for firewall policy specification and analysis, in: Large Scale Management of Distributed Systems, 2006, pp.\u00a0185\u2013196. doi:10.1007\/11907466_16.","DOI":"10.1007\/11907466_16"},{"key":"ref009","doi-asserted-by":"crossref","unstructured":"A.Bandara, A.Kakas, E.Lupu and A.Russo, Using argumentation logic for firewall configuration management, in: Integrated Network Management, 2009. IM\u201909. IFIP\/IEEE International Symposium on, IEEE, 2009, pp.\u00a0180\u2013187. doi:10.1109\/INM.2009.5188808.","DOI":"10.1109\/INM.2009.5188808"},{"key":"ref010","doi-asserted-by":"crossref","unstructured":"P.Baroni, M.Caminada and M.Giacomin, An introduction to argumentation semantics,\n The Knowledge Engineering Review\n (2011).","DOI":"10.1017\/S0269888911000166"},{"key":"ref011","doi-asserted-by":"crossref","unstructured":"N.Basumatary and S.M.Hazarika, Model checking a firewall for anomalies, in: Emerging Trends and Applications in Computer Science (ICETACS), 2013 1st International Conference on, IEEE, 2013, pp.\u00a092\u201396. doi:10.1109\/ICETACS.2013.6691402.","DOI":"10.1109\/ICETACS.2013.6691402"},{"key":"ref012","doi-asserted-by":"publisher","DOI":"10.1093\/logcom\/13.3.429"},{"key":"ref013","doi-asserted-by":"publisher","DOI":"10.1016\/j.knosys.2010.01.005"},{"key":"ref014","doi-asserted-by":"crossref","unstructured":"T.Bouyahia, M.S.Idrees, N.Cuppens-Boulahia, F.Cuppens and F.Autrel, Metric for security activities assisted by argumentative logic, in: Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance, Springer, 2015, pp.\u00a0183\u2013197.","DOI":"10.1007\/978-3-319-17016-9_12"},{"key":"ref015","doi-asserted-by":"crossref","unstructured":"M.W.A.Caminada, On the issue of reinstatement in argumentation, in: Proceedings of the 10th European Conference on Logic in Artificial Intelligence, Liverpool, UK, 2006, pp.\u00a0111\u2013123. doi:10.1007\/11853886_11.","DOI":"10.1007\/11853886_11"},{"key":"ref016","doi-asserted-by":"crossref","unstructured":"M.W.A.Caminada, An algorithm for computing semi-stable semantics, in: Proceedings of the 9th European Conference on Symbolic and Quantitative Approaches to Reasoning with Uncertainty, Verona, Italy, 2007, pp.\u00a0222\u2013234. doi:10.1007\/978-3-540-75256-1_22.","DOI":"10.1007\/978-3-540-75256-1_22"},{"key":"ref017","doi-asserted-by":"publisher","DOI":"10.1016\/j.artint.2007.02.003"},{"key":"ref018","doi-asserted-by":"publisher","DOI":"10.1093\/logcom\/exr033"},{"key":"ref019","first-page":"176","author":"Davy S.","year":"2007","journal-title":"Inter-Domain Management"},{"key":"ref020","doi-asserted-by":"publisher","DOI":"10.1016\/0004-3702(94)00041-X"},{"key":"ref021","unstructured":"P.Eronen and J.Zitting, An expert system for analyzing firewall rules, in: Proceedings of the 6th Nordic Workshop on Secure IT Systems (NordSec 2001), 2001, pp.\u00a0100\u2013107."},{"key":"ref022","doi-asserted-by":"publisher","DOI":"10.1007\/s10462-009-9147-0"},{"key":"ref023","unstructured":"S.Hazelhurst, Algorithms for analysing firewall and router access lists, Technical report, Department of Computer Science, University of the Witwatersrand, 2000."},{"key":"ref024","unstructured":"S.Hazelhurst, A.Fatti and A.Henwood, Binary decision diagram representations of firewall and router access lists, Technical report, Department of Computer Science, University of the Witwatersrand, 1998."},{"key":"ref025","doi-asserted-by":"crossref","unstructured":"K.Ingham and S.Forrest, Network firewalls, in: Enhancing Computer Security with Smart Technology, 2006, pp.\u00a09\u201340.","DOI":"10.1201\/9780849330452.ch2"},{"key":"ref026","doi-asserted-by":"publisher","DOI":"10.1111\/j.1467-8640.1995.tb00025.x"},{"key":"ref027","unstructured":"J.Kurose and K.Ross, Computer Networking: A Top-down Approach, Addison-Wesley, 2010."},{"key":"ref028","doi-asserted-by":"crossref","unstructured":"Z.Li and S.Parsons, On argumentation with purely defeasible rules, in: 9th International Conference on Scaleable Uncertainty Management, Quebec City, 2015.","DOI":"10.1007\/978-3-319-23540-0_22"},{"key":"ref029","doi-asserted-by":"crossref","unstructured":"F.Martinelli, F.Santini and A.Yautsiukhin, Network security supported by arguments, in: Privacy, Security and Trust (PST), 2015 13th Annual Conference on, IEEE, 2015, pp.\u00a0165\u2013172. doi:10.1109\/PST.2015.7232969.","DOI":"10.1109\/PST.2015.7232969"},{"key":"ref030","doi-asserted-by":"crossref","unstructured":"A.Mayer, A.Wool and E.Ziskind, Fang: A firewall analysis engine, in: Security and Privacy, 2000. S&P 2000. Proceedings. 2000 IEEE Symposium on, IEEE, 2000, pp.\u00a0177\u2013187. doi:10.1109\/SECPRI.2000.848455.","DOI":"10.1109\/SECPRI.2000.848455"},{"key":"ref031","first-page":"335","volume":"216","author":"Modgil S.","year":"2010","journal-title":"COMMA"},{"key":"ref032","doi-asserted-by":"publisher","DOI":"10.1093\/logcom\/exq054"},{"key":"ref033","doi-asserted-by":"publisher","DOI":"10.1016\/j.artint.2012.10.008"},{"key":"ref034","doi-asserted-by":"crossref","unstructured":"J.M\u00fcller, A.Hunter and P.Taylor, Meta-level argumentation with argument schemes, in: Scalable Uncertainty Management, Springer, 2013, pp.\u00a092\u2013105. doi:10.1007\/978-3-642-40381-1_8.","DOI":"10.1007\/978-3-642-40381-1_8"},{"key":"ref035","doi-asserted-by":"publisher","DOI":"10.1080\/19462166.2014.913075"},{"key":"ref036","doi-asserted-by":"crossref","unstructured":"S.Parsons, E.I.Sklar and P.McBurney, Using argumentation to reason with and about trust, in: Proceedings of the 8th International Workshop on Argumentation in Multiagent Systems, Taipei, Taiwan, 2011.","DOI":"10.1007\/978-3-642-33152-7_12"},{"key":"ref037","unstructured":"S.Parsons, E.I.Sklar, J.Salvit, H.Wall and Z.Li, ArgTrust: Decision making with information from sources of varying trustworthiness (Demonstration), in: Proceedings of the 12th International Conference on Autonomous Agents and Multiagent Systems, St Paul, MN, 2013."},{"key":"ref038","doi-asserted-by":"publisher","DOI":"10.1093\/logcom\/13.3.347"},{"key":"ref039","doi-asserted-by":"publisher","DOI":"10.1080\/19462160903564592"},{"key":"ref040","doi-asserted-by":"crossref","unstructured":"H.Prakken and G.Sartor, Argument-based logic programming with defeasible priorities,\n Journal of Applied Non-classical Logics\n (1997).","DOI":"10.1080\/11663081.1997.10510900"},{"key":"ref041","doi-asserted-by":"crossref","unstructured":"P.Rajkhowa, S.M.Hazarika and G.R.Simari, An application of defeasible logic programming for firewall verification and reconfiguration, in: Quality, Reliability, Security and Robustness in Heterogeneous Networks, Springer, 2013, pp.\u00a0527\u2013542. doi:10.1007\/978-3-642-37949-9_47.","DOI":"10.1007\/978-3-642-37949-9_47"},{"key":"ref042","doi-asserted-by":"crossref","unstructured":"J.Rowe, K.Levitt, S.Parsons, E.I.Sklar, A.Applebaum and S.Jalal, Argumentation logic to assist in security administration, in: Proceedings of the 2012 Workshop on New Security Paradigms, ACM, 2012, pp.\u00a043\u201352. doi:10.1145\/2413296.2413301.","DOI":"10.1145\/2413296.2413301"},{"key":"ref043","doi-asserted-by":"publisher","DOI":"10.1007\/s10458-015-9289-1"},{"key":"ref044","unstructured":"E.I.Sklar, S.Parsons and M.P.Singh, Towards an argumentation-based model of social interaction, in: Proceedings of the Workshop on Argumentation in Multiagent Systems (ArgMAS) at the 12th International Conference on Autonomous Agents and Multiagent Systems (AAMAS), St. Paul, MN, 2013."},{"key":"ref045","unstructured":"B.Verheij, A labeling approach to the computation of credulous acceptance in argumentation, in: Proceedings of the 20th International Joint Conference on Artificial Intelligence, Hyderabad, India, 2007, pp.\u00a0623\u2013628."},{"key":"ref046","unstructured":"S.Villata, G.Boella, D.M.Gabbay and L.van der Torre, Arguing about trust in multiagent systems, in: Proceedings of the 11th Symposium on Artificial Intelligence of the Italian Association for Artificial Intelligence, Brescia, Italy, 2010."},{"key":"ref047","doi-asserted-by":"crossref","unstructured":"S.Villata, G.Boella, D.M.Gabbay and L.van der Torre, Arguing about the trustworthiness of the information sources, in: Proceedings of the European Conference on Symbolic and Quantitative Approaches to Reasoning and Uncertainty, Belfast, UK, 2011.","DOI":"10.1007\/978-3-642-22152-1_7"},{"key":"ref048","unstructured":"G.Vreeswijk, An algorithm to compute minimally grounded and admissible defence sets in argument systems, in: Proceedings of the First International Conference on Computational Models of Argument, Liverpool, UK, 2006, pp.\u00a0109\u2013120."},{"key":"ref049","unstructured":"D.N.Walton and E.C.W.Krabbe, Commitment in Dialogue: Basic Concepts of Interpersonal Reasoning, State University of New York Press, Albany, NY, USA, 1995."},{"key":"ref050","unstructured":"M.Wooldridge, An Introduction to Multiagent Systems, 2nd edn, Wiley, 2009."},{"key":"ref051","doi-asserted-by":"crossref","unstructured":"M.J.Wooldridge, S.Parsons and P.McBurney, The meta-logic of arguments, in: Proceedings of the 4th International Conference on Autonomous Agents and Multi-Agent Systems, Utrecht, the Netherlands, 2005.","DOI":"10.1145\/1082473.1082558"},{"key":"ref052","doi-asserted-by":"crossref","unstructured":"L.Yuan, H.Chen, J.Mai, C.Chuah, Z.Su and P.Mohapatra, Fireman: A toolkit for firewall modeling and analysis, in: Security and Privacy, 2006 IEEE Symposium on, IEEE, 2006, pp.\u00a01\u201315. doi:10.1109\/SP.2006.16.","DOI":"10.1109\/SP.2006.16"},{"key":"ref053","unstructured":"H.Zhao and S.Bellovin, Policy algebras for hybrid firewalls, in: Annual Conference of ITA (ACITA), Vol. 2007, 2007."}],"container-title":["Argument & Computation"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.3233\/AAC-160008","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/full-xml\/10.3233\/AAC-160008","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/journals.sagepub.com\/doi\/pdf\/10.3233\/AAC-160008","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,28]],"date-time":"2026-04-28T11:53:46Z","timestamp":1777377226000},"score":1,"resource":{"primary":{"URL":"https:\/\/journals.sagepub.com\/doi\/10.3233\/AAC-160008"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,11,3]]},"references-count":53,"journal-issue":{"issue":"2-3","published-print":{"date-parts":[[2016,11,28]]}},"alternative-id":["10.3233\/AAC-160008"],"URL":"https:\/\/doi.org\/10.3233\/aac-160008","relation":{},"ISSN":["1946-2166","1946-2174"],"issn-type":[{"value":"1946-2166","type":"print"},{"value":"1946-2174","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016,11,3]]}}}