Techniques and algorithms for access control list optimization |
| |
Authors: | Ibrahim M. Al Abdulmohsin [Author Vitae] |
| |
Affiliation: | Communications Engineering and Technical Support Department, Saudi Aramco, Dhahran 31311, Saudi Arabia |
| |
Abstract: | Access control lists are core features of today’s internetwork routers. They serve several purposes, most notably in filtering network traffic and securing critical networked resources. However, the addition of access control lists increases packet latency due to the overhead of extra computations involved. This paper presents simple techniques and algorithms for optimizing access control lists that can reduce significantly expected packet latencies without sacrificing security requirements. The emphasis throughout the paper is in providing a modular approach that can be implemented either fully or partially, both online and offline, based on the amount of overhead allowed. It also shows empirically and analytically where and why the greatest potential for optimization lies. |
| |
Keywords: | Access control lists Data networks optimization Network security |
本文献已被 ScienceDirect 等数据库收录! |