FWS: Analyzing, maintaining and transcompiling firewalls

Firewalls are essential for managing and protecting computer networks. They permit specifying which packets are allowed to enter a network, and also how these packets are modified by IP address translation and port redirection. Configuring a firewall is notoriously hard, and one of the reasons is that it requires using low level, hard to interpret, configuration languages. Equally difficult are policy maintenance and refactoring, as well as porting a configuration from one firewall system to another. To address these issues we introduce a pipeline that assists system administrators in checking if: (i) the intended security policy is actually implemented by a configuration; (ii) two configurations are equivalent; (iii) updates have the desired effect on the firewall behavior; (iv) there are useless or redundant rules; additionally, an administrator can (v) transcompile a configuration into an equivalent one in a different language; and (vi) maintain a configuration using a generic, declarative language that can be compiled into different target languages. The pipeline is based on IFCL, an intermediate firewall language equipped with a formal semantics, and it is implemented in an open source tool called FWS. In particular, the first stage decompiles real firewall configurations for iptables, ipfw, pf and (a subset of) Cisco IOS into IFCL. The second one transforms an IFCL configuration into a logical predicate and uses the Z3 solver to synthesize an abstract specification that succinctly represents the firewall behavior. System administrators can use FWS to analyze the firewall by posing SQL-like queries, and update the configuration to meet the desired security requirements. Finally, the last stage allows for maintaining a configuration by acting directly on its abstract specification and then compiling it to the chosen target language. Tests on real firewall configurations show that FWS can be fruitfully used in real-world scenarios.

Download Full-text

STRUKTUR KOMPLEKS DALAM BAHASA INDONESIA ILMIAH DAN MASALAH PENERJEMAHANNYA KE DALAM BAHASA INGGRIS

PARAFRASE Jurnal Kajian Kebahasaan & Kesastraan ◽

10.30996/parafrase.v17i1.1359 ◽

2018 ◽

Vol 17 (1) ◽

Author(s):

Ni Ketut Mirahayuni ◽

Susie Chrismalia Garnida ◽

Mateus Rudi Supsiadji

Keyword(s):

Complex Structure ◽

General Concept ◽

Target Language ◽

Complex Structures ◽

Scientific Language ◽

Logical Relation ◽

Information Packaging ◽

Weight Structure ◽

The Difference ◽

Target Languages

Abstract. Translating complex structures have always been a challenge for a translator since the structures can be densed with ideas and particular logical relations. The purpose of translation is reproducing texts into another language to make them available to wider readerships. Since language is not merely classification of a set of universal and general concept, that each language articulates or organizes the world differently, the concepts in one language can be radically different from another. One issue in translation is the difference among languages, that the wider gaps between the source and target languages may bring greater problems of transfer of message from the source into the target languages (Culler, 1976). Problematic factors involved in translation include meaning, style, proverbs, idioms and others. A number of translation procedures and strategies have been discussed to solve translation problems. This article presents analysis of complex structures in scientific Indonesian, the problems and effects on translation into English. The study involves data taken from two research article papers in Indonesian to be translated into English. The results of the analysis show seven (7) problems of Indonesian complex structures, whose effect on translation process can be grouped into two: complex structures related to grammar (including: complex structure with incomplete information, run-on sentences, redundancy , sentence elements with inequal semantic relation, and logical relation and choice of conjunctor) and complex structures related to information processing in discourse (including: front-weight- structure and thematic structure with changes of Theme element). Problems related to grammar may be solved with language economy and accuracy while those related to discourse may be solved with understanding information packaging patterns in the target language discourse. Keywords: scientific language, complex structures, translation

Download Full-text

Cloud Computing Framework for e-Health Security Requirements and Security Policy Rules Case Study: A European Cloud-Based Health System

Trust, Privacy and Security in Digital Business - Lecture Notes in Computer Science ◽

10.1007/978-3-030-58986-8_2 ◽

2020 ◽

pp. 17-31

Author(s):

Dimitra Georgiou ◽

Costas Lambrinoudakis

Keyword(s):

Cloud Computing ◽

Health System ◽

Security Policy ◽

Security Requirements ◽

Health Security ◽

Policy Rules ◽

Computing Framework

Download Full-text

Cloud Security Requirements Analysis and Security Policy Development Using HOOMT

Cloud Computing ◽

10.1201/b11149-28 ◽

2011 ◽

pp. 553-582 ◽

Cited By ~ 1

Author(s):

Kenneth Fletcher ◽

Xiaoqing Liu

Keyword(s):

Policy Development ◽

Security Policy ◽

Cloud Security ◽

Requirements Analysis ◽

Security Requirements

Download Full-text

Optimizing Tokenization Choice for Machine Translation across Multiple Target Languages

Prague Bulletin of Mathematical Linguistics ◽

10.1515/pralin-2017-0025 ◽

2017 ◽

Vol 108 (1) ◽

pp. 257-269 ◽

Cited By ~ 4

Author(s):

Nasser Zalmout ◽

Nizar Habash

Keyword(s):

Machine Translation ◽

Performance Enhancement ◽

Statistical Machine Translation ◽

Target Language ◽

Source Language ◽

Context Variable ◽

Significant Performance ◽

Morphologically Rich Languages ◽

Target Languages ◽

Language Text

AbstractTokenization is very helpful for Statistical Machine Translation (SMT), especially when translating from morphologically rich languages. Typically, a single tokenization scheme is applied to the entire source-language text and regardless of the target language. In this paper, we evaluate the hypothesis that SMT performance may benefit from different tokenization schemes for different words within the same text, and also for different target languages. We apply this approach to Arabic as a source language, with five target languages of varying morphological complexity: English, French, Spanish, Russian and Chinese. Our results show that different target languages indeed require different source-language schemes; and a context-variable tokenization scheme can outperform a context-constant scheme with a statistically significant performance enhancement of about 1.4 BLEU points.

Download Full-text

Are ideophones translatable? The case of translating isiZulu ideophones in DBZ Ntuli’s short story Uthingo Lwenkosazana (The Rainbow)

Literator ◽

10.4102/lit.v39i1.1408 ◽

2018 ◽

Vol 39 (1) ◽

Cited By ~ 1

Author(s):

Mthikazi Rose Masubelele

Keyword(s):

Short Story ◽

English Translation ◽

Target Language ◽

Translation Strategies ◽

Word Level ◽

Lexical Items ◽

To Come ◽

Target Languages

The meaning of words comes into play when words as units of translation are to be translated from one language into another. Lexical items that are extant in one language but not in others pose enormous problems for translators. The translation of ideophones – which feature very prominently in African discourse – is a case in point in this article. Translators faced with the translation of such forms are required to come up with strategies to aptly express their meanings in the target text. This article seeks to establish how CSZ Ntuli, in his English translation of an isiZulu short story Uthingo Lwenkosazana by DBZ Ntuli, has translated some of the ideophones used by the original author. Translation strategies used by CSZ Ntuli in his translation to express the meanings of the isiZulu ideophones will be brought to light in this article. It will be confirmed that CSZ Ntuli, using different lexical forms in the target language, has effectively changed unfamiliar isiZulu cultural notions to concepts that the English target reader can relate to. It will also be shown that the meanings of the isiZulu ideophones can be expressed in the target language using approximation and amplification as translation strategies provided that the translator has a good command of both source and target languages. The discussion will also look at how various translation scholars view the notion of equivalence at word level, and research on ideophones in isiZulu will also be reviewed.

Download Full-text

Dynamic FCFS ACM Model for Risk Assessment on Real Time Unix File System

Transportation Systems and Engineering ◽

10.4018/978-1-4666-8473-7.ch027 ◽

2015 ◽

pp. 551-571

Author(s):

Prashant Kumar Patra ◽

Padma Lochan Pradhan

Keyword(s):

Risk Assessment ◽

Access Control ◽

Security Policy ◽

Security Requirements ◽

Management Policy ◽

Security Model ◽

Distributed Environment ◽

Web Portal ◽

Proposed Model ◽

The Right

The access control is a mechanism that a system grants, revoke the right to access the object. The subject and object can able to integrate, synchronize, communicate and optimize through read, write and execute over a UFS. The access control mechanism is the process of mediating each and every request to system resources, application and data maintained by a operating system and determining whether the request should be approve, created, granted or denied as per top management policy. The AC mechanism, management and decision is enforced by implementing regulations established by a security policy. The management has to investigate the basic concepts behind access control design and enforcement, point out different security requirements that may need to be taken into consideration. The authors have to formulate and implement several ACM on normalizing and optimizing them step by step, that have been highlighted in proposed model for development and production purpose. This research paper contributes to the development of an optimization model that aims and objective to determine the optimal cost, time and maximize the quality of services to be invested into security model and mechanisms deciding on the measure components of UFS. This model has to apply to ACM utilities over a Web portal server on object oriented and distributed environment. This ACM will be resolve the uncertainty, un-order, un formal and unset up (U^4) problems of web portal on right time and right place of any where & any time in around the globe. It will be more measurable and accountable for performance, fault tolerance, throughput, bench marking and risk assessment on any application.

Download Full-text

Dynamic FCFS ACM Model for Risk Assessment on Real Time Unix File System

International Journal of Advanced Pervasive and Ubiquitous Computing ◽

10.4018/ijapuc.2013100104 ◽

2013 ◽

Vol 5 (4) ◽

pp. 41-62

Author(s):

Prashant Kumar Patra ◽

Padma Lochan Pradhan

Keyword(s):

Risk Assessment ◽

Access Control ◽

Security Policy ◽

Security Requirements ◽

Management Policy ◽

Security Model ◽

Distributed Environment ◽

Web Portal ◽

Proposed Model ◽

The Right

Download Full-text

Enhanced Meta-Learning for Cross-Lingual Named Entity Recognition with Minimal Resources

Proceedings of the AAAI Conference on Artificial Intelligence ◽

10.1609/aaai.v34i05.6466 ◽

2020 ◽

Vol 34 (05) ◽

pp. 9274-9281

Author(s):

Qianhui Wu ◽

Zijia Lin ◽

Guoxin Wang ◽

Hui Chen ◽

Börje F. Karlsson ◽

...

Keyword(s):

Learning Algorithm ◽

Named Entity Recognition ◽

Entity Recognition ◽

Target Language ◽

Test Case ◽

Named Entity ◽

Meta Learning ◽

Target Languages ◽

Cross Lingual ◽

The Given

For languages with no annotated resources, transferring knowledge from rich-resource languages is an effective solution for named entity recognition (NER). While all existing methods directly transfer from source-learned model to a target language, in this paper, we propose to fine-tune the learned model with a few similar examples given a test case, which could benefit the prediction by leveraging the structural and semantic information conveyed in such similar examples. To this end, we present a meta-learning algorithm to find a good model parameter initialization that could fast adapt to the given test case and propose to construct multiple pseudo-NER tasks for meta-training by computing sentence similarities. To further improve the model's generalization ability across different languages, we introduce a masking scheme and augment the loss function with an additional maximum term during meta-training. We conduct extensive experiments on cross-lingual named entity recognition with minimal resources over five target languages. The results show that our approach significantly outperforms existing state-of-the-art methods across the board.

Download Full-text

THE ACQUISITION OF TEMPORALITY IN A SECOND LANGUAGE.Rainer Dietrich, Wolfgang Klein, & Colette Noyau (Eds.). Amsterdam: Benjamins, 1995. Pp. xii + 288. $59.00 cloth.

Studies in Second Language Acquisition ◽

10.1017/s0272263198213064 ◽

1998 ◽

Vol 20 (3) ◽

pp. 423-424

Author(s):

Kathleen Bardovi-Harlig

Keyword(s):

Longitudinal Study ◽

Second Language Acquisition ◽

Language Acquisition ◽

Target Language ◽

Final Report ◽

Multiple Target ◽

European Science Foundation ◽

European Science ◽

Actual Design ◽

Target Languages

Imagine a three-year longitudinal study of the acquisition of multiple target languages by learners of different language backgrounds. It may sound like an idealized example from a research-methods lecture, but it is the actual design of the European Science Foundation inquiry into adult second language acquisition and the latest report released by Benjamins, a substantial revision of Volume 5 of the final report on temporality (Bhardwaj, Dietrich, & Noyau, 1988). This volume reports on the acquisition of temporality in five target languages (English, German, Dutch, French, and Swedish) by 21 learners of six source languages (Punjabi, Italian, Turkish, Arabic, Spanish, and Finnish) with learners from two source languages for each target language. The volume has eight chapters written by the main authors and cooperating contributors: “Introduction” (Dietrich & Perdue), “Frame of Analysis” (Klein), five chapters on the acquisition of temporality by target language—English (Klein), German (Dietrich), Dutch (Klein, Coenen, van Helvert, & Hendricks), French (Noyau, Houdaïfa, Vasseur, & Véronique), and Swedish (Noyau, Dorriots, Sjöström, & Voionmaa)—and “Conclusions” (Klein, Dietrich, & Noyau).

Download Full-text

Access Control Specification in UML

Integrating Security and Software Engineering ◽

10.4018/978-1-59904-147-6.ch010 ◽

2007 ◽

pp. 220-243

Author(s):

M. Koch ◽

F. Parisi-Presicce ◽

K. Pauls

Keyword(s):

Access Control ◽

Formal Semantics ◽

Security Requirements ◽

Software Systems ◽

Secure Systems ◽

Distributed Object ◽

Access Control Policies ◽

Software Engineers ◽

Uml Diagrams ◽

Distributed Object Systems

Security requirements have become an integral part of most modern software systems. In order to produce secure systems, it is necessary to provide software engineers with the appropriate systematic support. This chapter discusses a methodology to integrate the speci?cation of access control policies into UML. The methodology, along with the graph-based formal semantics for the UML access control speci?ca-tion, allows to reason about the coherence of the access control speci?cation. The chapter also presents a procedure to modify policy rules to guarantee the satisfaction of constraints, and shows how to generate access control requirements from UML diagrams. The main concepts in the UML access control speci?cation are illustrated with an example access control model for distributed object systems.

Download Full-text