Internet security: firewalls and beyond
Communications of the ACM
Establishing the business value of network security using analytical hierarchy process
Creating business value with information technology
Network system and world wide web security
Computer Communications
| Hi-index | 4.12 |
The Internet continues its triumphant advance. It is commonly seen as the first incarnation of an information superhighway, or a national information infrastructure (NII). Because the Internet is dynamic, it has already changed significantly. The initial, research-oriented Internet and its protocol suite were designed for a benign environment best described as collegial, where users and hosts were mutually trusting and interested in a free, open exchange of information. These days, the Internet environment is less collegial and trustworthy; it encompasses all the risks, dangerous situations, and human vices found in society as a whole. The Internet has just entered the Middle Ages. The simple security model of the Stone Age still works for single hosts and LANs. But it no longer works for WANs in general and the Internet in particular. As a first step, firewalls have been erected at the Internet gateways. Because they are capable of selectively dropping or forwarding IP datagrams, firewalls also restrict the connectivity of the Internet as a whole. The Internet's firewalls are thus comparable to the town walls and front gates of the Middle Ages. Screening routers correspond to general-purpose gates, while proxy servers and application-layer gateways correspond to specialized gates