The Multilayer Firewall

We present a new security technology called the Multilayer Firewall. We argue that it is useful in some situations for which other approaches, such as cryptographically protected communications, present operational or economic difficulties. In other circumstances a Multilayer Firewall can compliment such security technology by providing additional protection against intruder attacks. We first present the operational theory behind the Multilayer Firewall and then describe a prototype that we designed and

[1]  Randall J. Atkinson,et al.  IP Encapsulating Security Payload (ESP) , 1995, RFC.

[2]  D. Nessett,et al.  Policy route certification: Requirements and techniques , 1991 .

[3]  Sandra L. Murphy,et al.  Digital signature protection of the OSPF routing protocol , 1996, Proceedings of Internet Society Symposium on Network and Distributed Systems Security.

[4]  John T. Kohl,et al.  The Kerberos Network Authentication Service (V5 , 2004 .

[5]  Foteini Andria CSIS CORBA Security , 1998 .

[6]  Dan Nessett,et al.  Scalability of Security in Distributed Object Systems: Panel Session , 1999 .

[7]  D. Brent Chapman,et al.  Network (In)Security Through IP Packet Filtering , 1992, USENIX Summer.

[8]  Alan O. Freier,et al.  The SSL Protocol Version 3.0 , 1996 .

[9]  J. J. Garcia-Luna-Aceves,et al.  Securing distance-vector routing protocols , 1997, Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security.

[10]  Stephen T. Kent,et al.  Securing the Nimrod routing architecture , 1997, Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security.

[11]  C. Weissman BLACKER: security for the DDN examples of A1 security engineering trades , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[12]  David Thompson,et al.  1997 Computer Crime and Security Survey , 1998, Inf. Manag. Comput. Secur..

[13]  William Cheswick,et al.  Firewalls and Internet Security , 1994 .

[14]  Elizabeth D. Zwicky,et al.  Building internet firewalls , 1995 .

[15]  Kenneth P. Birman,et al.  Tools for distributed application management , 1991, Computer.

[16]  Glen Zorn,et al.  Layer Two Tunneling Protocol "L2TP" , 1999, RFC.

[17]  Joshua D. Guttman,et al.  Filtering postures: local enforcement for global policies , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[18]  Hilarie K. Orman,et al.  The OAKLEY Key Determination Protocol , 1997, RFC.

[19]  Ashar Aziz,et al.  SKIP-securing the Internet , 1996, Proceedings of WET ICE '96. IEEE 5th Workshop on Enabling Technologies; Infrastucture for Collaborative Enterprises.

[20]  Brad Curtis Johnson Subject: a Distributed Computing Environment Framework: an Osf Perspective , 1991 .

[21]  Hugo Krawczyk,et al.  A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[22]  W. Douglas Maughan,et al.  Internet Security Association and Key Management Protocol (ISAKMP) , 1998, RFC.

[23]  Joan Feigenbaum,et al.  Decentralized trust management , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[24]  Steffen Stempel IpAccess-an Internet service access system for firewall installations , 1995, Proceedings of the Symposium on Network and Distributed System Security.