A reference model for firewall technology

Author

Schuba, Christoph L. ; Spafford, Egene H.

Author_Institution

Dept. of Comput. Sci., Purdue Univ., West Lafayette, IN, USA

fYear

1997

fDate

8-12 Dec 1997

Firstpage

133

Lastpage

145

Abstract

The paper concentrates on one particular technological aspect of providing communications security, firewall technology. Currently firewall technology is a specialized engineering solution rather than a scientifically based solution. The paper introduces a reference model that captures existing firewall technology and allows for an extension to networking technologies to which it was not applied previously. It can serve as a framework in which firewall systems can be designed and validated. The essential components of the reference model are authentication, integrity assurance, access control, audit, and their enforcement. All components are governed by a centralized security policy, and they can be deployed in a distributed fashion to achieve scaling

Keywords

authorisation; computer network management; data integrity; message authentication; access control; audit; authentication; centralized security policy; communications security; firewall systems; firewall technology; integrity assurance; networking technologies; reference model; specialized engineering solution; technological aspect; Communication system control; Communication system traffic control; Data communication; Data security; IP networks; Open systems; Paper technology; Payloads; Protection; Protocols;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 1997. Proceedings., 13th Annual

Conference_Location

San Diego, CA

ISSN

1063-9527

Print_ISBN

0-8186-8274-4

Type

conf

DOI

10.1109/CSAC.1997.646183

Filename

646183