The packer filter: an efficient mechanism for user-level network code
SOSP '87 Proceedings of the eleventh ACM Symposium on Operating systems principles
Building Internet firewalls (2nd ed.)
Building Internet firewalls (2nd ed.)
PPP design, implementation, and debugging
PPP design, implementation, and debugging
Firewalls and Internet Security: Repelling the Wily Hacker
Firewalls and Internet Security: Repelling the Wily Hacker
Network Security Hacks
The BSD packet filter: a new architecture for user-level packet capture
USENIX'93 Proceedings of the USENIX Winter 1993 Conference Proceedings on USENIX Winter 1993 Conference Proceedings
Network smart card review and analysis
Computer Networks: The International Journal of Computer and Telecommunications Networking
Application of Network Smart Cards to Citizens Identification Systems
CARDIS '08 Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
| Hi-index | 0.00 |
Network smart cards are smart cards with networking capabilities. They have opened new opportunities for the use of smart cards in Internet applications. At the same time, network smart cards are exposed to network security threats just as other computers on the Internet. Unfortunately, existing designs of network security mechanisms, such as packet filtering, may not be best suited for smart cards because the computing resources of the cards are too limited. This paper presents a new packet filtering approach that overcomes this difficulty. The packet filtering is performed in multiple stages. It drops unwanted packets as early as possible, starting at the I/O interrupt level. This builds a network firewall inside smart cards and reduces resource usage for packet processing. It can be used with different hardware and software configurations and with various filter rules. Advantages of this approach include better security, reduced memory usage, and enhanced performance.