Title :
A reference model for firewall technology
Author :
Schuba, Christoph L. ; Spafford, Egene H.
Author_Institution :
Dept. of Comput. Sci., Purdue Univ., West Lafayette, IN, USA
Abstract :
The paper concentrates on one particular technological aspect of providing communications security, firewall technology. Currently firewall technology is a specialized engineering solution rather than a scientifically based solution. The paper introduces a reference model that captures existing firewall technology and allows for an extension to networking technologies to which it was not applied previously. It can serve as a framework in which firewall systems can be designed and validated. The essential components of the reference model are authentication, integrity assurance, access control, audit, and their enforcement. All components are governed by a centralized security policy, and they can be deployed in a distributed fashion to achieve scaling
Keywords :
authorisation; computer network management; data integrity; message authentication; access control; audit; authentication; centralized security policy; communications security; firewall systems; firewall technology; integrity assurance; networking technologies; reference model; specialized engineering solution; technological aspect; Communication system control; Communication system traffic control; Data communication; Data security; IP networks; Open systems; Paper technology; Payloads; Protection; Protocols;
Conference_Titel :
Computer Security Applications Conference, 1997. Proceedings., 13th Annual
Conference_Location :
San Diego, CA
Print_ISBN :
0-8186-8274-4
DOI :
10.1109/CSAC.1997.646183
