Architecture and Applications for a Distributed Embedded Firewall

  • Authors:
  • C. Payne;T. Markham

  • Affiliations:
  • -;-

  • Venue:
  • ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
  • Year:
  • 2001

Abstract

The distributed firewall is an important new line of network defense. It provides fine-grained access control to augment the protections afforded by the traditional perimeter firewall. To be effective, though, a distributed firewall must satisfy two critical requirements. First, it must embrace a protection model that acknowledges that everything behind the firewall may not be trustworthy. The malicious insider with unobstructed access to the network can still mount limited attacks. Second, the firewall must be tamper-resistant. Any firewall that executes on the same untrusted operating system that it is charged to protect begs the question: who is protecting whom? This paper presents a new distributed, embedded firewall that satisfies both requirements. The firewall filters Internet Protocol traffic to and from the host. The firewall is tamper-resistant because it is independent of the host's operating system. It is implemented on the host's network interface card and managed by a protected, central policy server located elsewhere on the network. This paper describes the firewall's architecture and associated assurance claims and discusses unique applications for it.