Chapter 20. Firewalls



20.1 Firewall Design Principles

  • Firewall Characteristics
  • Types of Firewalls
  • Firewall Configurations

20.2 Trusted Systems

  • Data Access Control
  • The Concept of Trusted Systems
  • Trojan Horse Defense

20.3 Common Criteria for Information Technology Security Evaluation

  • Requirements
  • Profiles and Targets

20.4 Recommended Reading and Web Sites

20.5 Key Terms, Review Questions, and Problems

  • Key Terms
  • Review Questions
  • Problems




The function of a strong position is to make the forces holding it practically unassailable.

On War, Carl Von Clausewitz

On the day that you take up your command, block the frontier passes, destroy the official tallies, and stop the passage of all emissaries.

The Art of War, Sun Tzu

Key Points

  • A firewall forms a barrier through which the traffic going in each direction must pass. A firewall security policy dictates which traffic is authorized to pass in each direction.

  • A firewall may be designed to operate as a filter at the level of IP packets, or may operate at a higher protocol layer.

  • A trusted system is a computer and operating system that can be verified to implement a given security policy. Typically, the focus of a trusted system is access control. A policy is implemented that dictates what objects may be accessed by what subjects.

  • The Common Criteria for information technology security is an international standards initiative to define a common set of security requirements and a systematic means of evaluating products against those requirements.


Firewalls can be an effective means of protecting a local system or network of systems from network-based security threats while at the same time affording access to the outside world via wide area networks and the Internet.

We begin this chapter with an overview of the functionality and design principles of firewalls. Next, we address the issue of the security of the firewall itself and, in particular, the concept of a trusted system, or secure operating system.




Cryptography and Network Security Principles and Practices
Cryptography and Network Security (4th Edition)
ISBN: 0131873164
EAN: 2147483647
Year: 2005
Pages: 209
