Improvement of ACL assembly algorithm

To prevent harmful information through ISP's firewall, major technical measures are filtering technology and classification access. ACL assembly technology can effectively achieve the effect of fine filtering and restricted access, so the network equipment with the application of ACL assembly technology is a new research direction. This paper briefly introduces the basic principles and development of ACL assembly, and focuses on the matching performance of ACL assembly. An improved NP+TCAM-based ternary bitmap matching algorithm is proposed to effectively minimize the number of times of matching when assembling ACLs. The test data suggest that this algorithm effectively improves the real-timeliness of correlation matching.

[1]  Tu Rui Optimization of access control list based on locator/identifier split , 2010 .

[2]  Dinesh C. Verma,et al.  Policy-based management of content distribution networks , 2002, IEEE Netw..

[3]  Shen Zhong-cheng The Application of ACL in Campus Network , 2010 .

[4]  Gao Huan-cha Application of Access Control List in Network Security , 2014 .

[5]  Guru M. Parulkar,et al.  Detecting and resolving packet filter conflicts , 2000, Proceedings IEEE INFOCOM 2000. Conference on Computer Communications. Nineteenth Annual Joint Conference of the IEEE Computer and Communications Societies (Cat. No.00CH37064).