Title :
Architecture and applications for a distributed embedded firewall
Author :
Payne, Charles ; Markham, Tom
Abstract :
The distributed firewall is an important new line of network defense. It provides fine-grained access control to augment the protections afforded by the traditional perimeter firewall. To be effective, though, a distributed firewall must satisfy two critical requirements. First, it must embrace a protection model that acknowledges that everything behind the firewall may not be trustworthy. The malicious insider with unobstructed access to the network can still mount limited attacks. Second, the firewall must be tamper-resistant. Any firewall that executes on the same untrusted operating system that it is charged to protect begs the question: who is protecting whom? This paper presents a new distributed, embedded firewall that satisfies both requirements. The firewall filters Internet Protocol traffic to and from the host. The firewall is tamper-resistant because it is independent of the host's operating system. It is implemented on the host's network interface card and managed by a protected, central policy server located elsewhere on the network. This paper describes the firewall's architecture and associated assurance claims and discusses unique applications for it.
Keywords :
Internet; authorisation; client-server systems; Internet Protocol traffic; central policy server; distributed embedded firewall; fine-grained access control; malicious insider; network defense; protection model; tamper-resistance; untrusted operating system; Access control; Information filtering; Information filters; Network interfaces; Network servers; Operating systems; Protection; Protocols; Telecommunication traffic
Conference_Title :
Computer Security Applications Conference, 2001. ACSAC 2001. Proceedings 17th Annual
Print_ISBN :
0-7695-1405-7
DOI :
10.1109/ACSAC.2001.991548