Abstract
Access control list (ACL) is one of the most important things in computer network security. While cheap router or PC processes ACL by software, network equipment such as Layer 2 or 3 switch processes ACL by hardware because there is a speed limit in software process ability. The hardware process of ACL can handle high speed network packet, however, this capability limits ACL configuration such as the limit of the number of rules in ACL. This paper proposes the software that decreases the number of rules in ACL to satisfy the limit of hardware. This paper also evaluates this software by experiment in which this software is applied to practical ACL.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Grout, V., McGinn, J., Davies, J.: Real-time optimisation of access control lists for efficient Internet packet filtering. J Heuristics (2007)
Alessandri, D.: Access Control List Processing in Hardware, Diploma Thesis, Zurich, Switzerland: ETH, Electrical Engineering Department (1997)
Ata, S., Hwang, H., Yamamoto, K., Inoue, K., Murata, M.: Managment of Routing Table in TCAM for Reducing Cost and Power Consumption, IEICE technical report, information networks (2007)
Alcatel-Lucent, http://www.alcatel-lucent.com/wps/potal/
Alcatel: OmniSwitch 7700/7800 OmniSwitch 8800 Network Configuration Guide (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ishikawa, T., Yoshiura, N. (2009). Decreasing Access Control List Processed in Hardware. In: Hong, C.S., Tonouchi, T., Ma, Y., Chao, CS. (eds) Management Enabling the Future Internet for Changing Business and New Computing Services. APNOMS 2009. Lecture Notes in Computer Science, vol 5787. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04492-2_51
Download citation
DOI: https://doi.org/10.1007/978-3-642-04492-2_51
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04491-5
Online ISBN: 978-3-642-04492-2
eBook Packages: Computer ScienceComputer Science (R0)