Angel Jesus Varela-Vaca

Learn More
Firewalls provide the first line of defence of nearly all networked institutions today. However, Firewall ACLs could have inconsistencies, allowing traffic that should be denied or vice versa. In this paper, we analyze the inconsistency characterization problem as a separate problem of the diagnosis one, and propose formal definitions in order to(More)
Several reports indicate that the highest business priorities include: business improvement, security, and IT management. The importance of security and risk management is gaining that even government statements in some cases have imposed the inclusion of security and risk management within business management. Risk assessment has become an essential(More)
The verification of the properties of a business process (BP) has become a significant research topic in recent years. In the early stages of development, the BP model (e.g. BPMN, EPC), the BP contract (task contract, regulations and laws, business rules), and the test objectives (requirements) are the only elements available. In order to support the(More)
Developing and managing firewall Access Control Lists (ACLs) are hard, time-consuming, and error-prone tasks for a variety of reasons. Complexity of networks is constantly increasing, as it is the size of firewall ACLs. Networks have different access control requirements which must be translated by a network administrator into firewall ACLs. During this(More)
Writing and managing firewall ACLs are hard, tedious, time-consuming and error-prone tasks for a wide range of reasons. During these tasks, inconsistent rules can be introduced. An inconsistent firewall ACL implies in general a design fault, and indicates that the firewall is accepting traffic that should be denied or vice versa. This can result in severe(More)
Business Process models allow business experts to describe the activities that must be performed to achieve a defined goal. Several imperative standard languages have been created to describe both control-flow and data-flow perspectives. Unfortunately, the imperative specification may be very difficult, complex and even inefficient to any kind of models,(More)