Tuning the quality parameters of a firewall to maximize net benefit

Research output: Journal Publications and Reviews (RGC: 21, 22, 62)21_Publication in refereed journalpeer-review

2 Scopus Citations
View graph of relations



Original languageEnglish
Pages (from-to)321-329
Journal / PublicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Publication statusPublished - 2004
Externally publishedYes


A firewall protects the informational assets of an organization from intruders. Incoming message packets are filtered by the firewall before being forwarded to their destinations inside the organization. In the process, a fraction q1 of benign (i.e., desirable or harmless) packets and a fraction q2 of intrusive (i.e., undesirable or harmful) packets get blocked. Ideally, we should have q1 = 0 and q2 = 1, but in practice q1 and q2 are functionally related. Since the firewall has a non-zero service time, it also causes a delay because packets get queued for service. Thus by using a firewall an organization incurs a cost, but there is also a corresponding benefit. This study considers the simple case when a single firewall is in use. We do an economic analysis and derive a mathematical expression for the net benefit. We then maximize it by tuning the quality parameters q1 and q2 appropriately. © Springer-Verlag 2003.