Abstract
This paper examines Access Control Lists (ACLs) that are used primarily in IP routers for providing network admission control and maintaining a certain level of Quality of Service. We present a method for modeling ACLs and firewall rules in various systems that use the same logic for their operation. Besides, we analyze the performance impact of ACLs on the packet forwarding capability of a router with discrete-time QBD processes.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Funke, R., Grote, A., Heiss, H.-U.: Performance Evaluation of Firewalls in Gigabit-networks. In: Proc. of 1999 Symposium on Performance Evaluation of Computer and Telecommuniction Systems, Chicago (1999)
Catalyst 6000 Family Multilayer Switch Feature Card and Policy Feature Card Configuration Guide, Configuring Access Control Lists, Cisco Systems Inc. (2004), http://www.cisco.com/univercd/home/home.htm
Held, G.: Working with Cisco Access Lists. Int. J. Network Mgmt. 9, 151–154 (1999)
Hazelhurst, S.: A Proposal for Dynamic Access Lists for TCP/IP Packet Filtering. Univer-sity of Witwatersrand, Johannesburg, Technical Report TR-Wits-CS-2001-2 (2001)
Neuts, M.F.: Matrix-Geometric Solutions in Stochastic Models, pp. 81–107, pp. 63–70, pp. 112–114. Johns Hopkins University Press, Baltimore (1981)
Neuts, M.F.: Structured Stochastic Matrices of M/G/1 Type and Their Applications, pp. 231–248. Marcel Dekker, New York (1989)
Ye, J., Li, S.: Folding Algorithm: A Computational Method for Finite QBD Processes with Level-Dependent Transitions. IEEE Trans. Commu. 42(2), 625–639 (1994)
Li, S., Sheng, H.-D.: Generalized Folding Algorithm For Sojourn Time Analysis of Finite QBD Processes and its Queuing Applications. In: Proc. of International Conference on Multimedia Computing and Systems, pp. 394–398 (1996)
Latouche, G., Ramaswami, V.: Introduction to Matrix Analytic Methods in Stochastic Modeling. By the American Statistical Association and the Society for Industrial and Applied Mathematics, 83–99, 221–237 (1999)
The discrete event Network Simulator – ns-2, from the University of Southern California, Information Sciences Institute, http://www.isi.edu/nsnam/ns/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Palugya, S., Csorba, M.J. (2005). Modeling Access Control Lists with Discrete-Time Quasi Birth-Death Processes. In: Yolum, p., Güngör, T., Gürgen, F., Özturan, C. (eds) Computer and Information Sciences - ISCIS 2005. ISCIS 2005. Lecture Notes in Computer Science, vol 3733. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11569596_26
Download citation
DOI: https://doi.org/10.1007/11569596_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29414-6
Online ISBN: 978-3-540-32085-2
eBook Packages: Computer ScienceComputer Science (R0)