Analyzing an access control list for a router to identify a subsumption relation between elements in the list

Analyzing an access control list for a router to identify a subsumption relation between elements in the list

Methods are described for analyzing access list subsumption in routing devices of a computer network and for identifying computer network integrity violations, by producing structured data that includes stored router names and access lists that include elements with address/mask pairs, or patterns u...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: PELAVIN RICHARD N, MCGUIRE JAMES G, MADAN HERBERT S
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Methods are described for analyzing access list subsumption in routing devices of a computer network and for identifying computer network integrity violations, by producing structured data that includes stored router names and access lists that include elements with address/mask pairs, or patterns used to filter data into and out of a routing device, respectively; determining whether access lists in the structured data include elements in which a first element in the access list has a more general or equal address/mask pair, or pattern, respectively, than a second or subsequent element, or pattern; and storing in electronic memory a report of elements or a list of patterns, respectively, in which a first element or pattern is more general than or equal to a second or subsequent element or pattern.