Decreasing Access Control List Processed in Hardware

Ishikawa, Takumichi; Yoshiura, Noriaki

doi:10.1007/978-3-642-04492-2_51

Takumichi Ishikawa²⁰ &
Noriaki Yoshiura²⁰

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 5787))

Included in the following conference series:

Asia-Pacific Network Operations and Management Symposium

941 Accesses

Abstract

Access control list (ACL) is one of the most important things in computer network security. While cheap router or PC processes ACL by software, network equipment such as Layer 2 or 3 switch processes ACL by hardware because there is a speed limit in software process ability. The hardware process of ACL can handle high speed network packet, however, this capability limits ACL configuration such as the limit of the number of rules in ACL. This paper proposes the software that decreases the number of rules in ACL to satisfy the limit of hardware. This paper also evaluates this software by experiment in which this software is applied to practical ACL.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Grout, V., McGinn, J., Davies, J.: Real-time optimisation of access control lists for efficient Internet packet filtering. J Heuristics (2007)
Google Scholar
Alessandri, D.: Access Control List Processing in Hardware, Diploma Thesis, Zurich, Switzerland: ETH, Electrical Engineering Department (1997)
Google Scholar
Ata, S., Hwang, H., Yamamoto, K., Inoue, K., Murata, M.: Managment of Routing Table in TCAM for Reducing Cost and Power Consumption, IEICE technical report, information networks (2007)
Google Scholar
Alcatel-Lucent, http://www.alcatel-lucent.com/wps/potal/
Alcatel: OmniSwitch 7700/7800 OmniSwitch 8800 Network Configuration Guide (2005)
Google Scholar

Download references

Author information

Authors and Affiliations

Department of Information and Computer Science, Saitama University, 255, Shimo-ookubo, Sakura-ku, Saitama City, Saitama Prefecture, Japan
Takumichi Ishikawa & Noriaki Yoshiura

Authors

Takumichi Ishikawa
View author publications
You can also search for this author in PubMed Google Scholar
Noriaki Yoshiura
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Department of Computer Engineering, Kyung Hee University, 1 Seocheon, Giheung, Yongin, 446-701, Gyeonggi, South Korea
Choong Seon Hong
Service Platforms Laboratories, NEC Corporation, 1753, Shimonumabe, Nakahara-Ku, Kawasaki, Kanagawa 211, 8666, Japan
Toshio Tonouchi
Information Network Center, Beijing University of Posts and Telecommunications, 10 Xitucheng Road, Haidian District, 100876, Beijing, China
Yan Ma
Department of Communications Engineering, Feng Chia University, 100 Wenhwa Road, Seatwen, 40724, Taichung, Taiwan
Chi-Shih Chao

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Ishikawa, T., Yoshiura, N. (2009). Decreasing Access Control List Processed in Hardware. In: Hong, C.S., Tonouchi, T., Ma, Y., Chao, CS. (eds) Management Enabling the Future Internet for Changing Business and New Computing Services. APNOMS 2009. Lecture Notes in Computer Science, vol 5787. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04492-2_51

Download citation

DOI: https://doi.org/10.1007/978-3-642-04492-2_51
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04491-5
Online ISBN: 978-3-642-04492-2
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics