We describe ITVal, a tool that enables the efficient analysis of an iptables-based firewall. The underlying basis of ITVal is a library for the efficient manipulation of multi-way decision diagrams. We represent iptables rule sets and queries about the firewall defined by those rule sets as multi-way decision diagrams, and determine answers for the queries by manipulating the diagrams. In addit...

This paper describes a policy-based approach to firewall management. The Policy-Based Networking (PBN) architecture proposed by the Policy Framework Group of IETF is analysed, together with the communication protocols, policy specification languages, and the necessary information models. The paper continues with a description of an application of the PBN architecture to firewall management. The...

In this paper we have present the architecture and module for internet firewall. The central component is fuzzy controller while properties of packets are fuzzified as inputs. On the basis of proposed fuzzy security algorithm, we have figured out security level of each packet and adjust according to packets dynamic states. Internet firewall can respond to these dynamics and take respective acti...

Firewalls are an important tool in the provision of network security. Packet filtering firewalls are configured by providing a set of rules that identify how to handle individual data packets that arrive at the firewall. In large firewall configurations, conflicts may arise between these rules. Argumentation provides a way of handling such conflicts that illuminates their origin, and hence can ...

Conventional firewalls rely on the notions of restricted topology and controlled entry points to function. More precisely, they rely on the assumption that everyone on one side of the entry point—the firewall—is to be trusted, and that anyone on the other side is, at least potentially, an enemy. The vastly expanded Internet connectivity in recent years has called that assumption into question. ...

En la actualidad existe una gran diversidad de dispositivos conectados a red Internet. Esto conlleva un mayor riesgo para información que se envía entre estos dispositivos. Los actualmente son protegidos por sistemas Firewall. este sentido, Pfsense es software Firewall proteger comunicación trabajo presenta el proceso instalación y configuración en máquina virtual VirtualBox. Además, VirtualBox...

For an effective field theory in the background of evaporating black hole with spherical symmetry, we consider non-renormalizable interactions and their relevance to physical effects. The geometry is determined by semi-classical Einstein equation for uneventful horizon where vacuum energy–momentum tensor small freely falling observers. Surprisingly, after Hawking radiation appears, transition a...

We present the design of a value-added ATM switch that is capable of performing packet-level (IP) filtering at the maximum throughput of 2.88 Gbit/s per port. This firewall switch nicely integrates the IP level security mechanisms into the hardware components of an ATM switch so that most of the filtering operations are performed in parallel with the normal cell processing, and most of its cost...

Applications that use CORBA as communication layer often have some restrictions for multi-domain deployment. This is particularly true when they have to face firewall/NAT traversal. Furthermore, nowadays there isn’t a well-accepted unique or standardized solution adopted by all ORBs, compelling applications using this middleware to use proprietary solutions that sometimes do not address the env...

The access control exercised by the Java Card firewall can be bypassed by the use of shareable objects. To help detecting unwanted access to objects, we propose a static analysis that calculates a safe approximation of the possible flow of objects between Java Card applets. The analysis deals with a subset of the Java Card bytecode focusing on aspects of the Java Card firewall, method invocatio...