Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall...
Transcript of Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall...
![Page 1: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/1.jpg)
Henric Johnson 1
Chapter 10
Firewalls
Blekinge Institute of Technology, Sweden
http://www.its.bth.se/staff/hjo/
+46-708-250375
![Page 2: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/2.jpg)
Henric Johnson 2
Outline
• Firewall Design Principles – Firewall Characteristics – Types of Firewalls – Firewall Configurations
• Trusted Systems – Data Access Control – The Concept of Trusted systems – Trojan Horse Defense
![Page 3: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/3.jpg)
Henric Johnson 3
Firewalls
• Effective means of protection a local system or network of systems from network-based security threats while affording access to the outside world via WAN`s or the Internet
![Page 4: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/4.jpg)
Henric Johnson 4
Firewall Design Principles
• Information systems undergo a
steady evolution (from small LAN`s to Internet connectivity)
• Strong security features for all workstations and servers not established
![Page 5: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/5.jpg)
Henric Johnson 5
Firewall Design Principles
• The firewall is inserted between the
premises network and the Internet
• Aims: – Establish a controlled link
– Protect the premises network from Internet-based attacks
– Provide a single choke point
![Page 6: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/6.jpg)
Henric Johnson 6
Firewall Characteristics
• Design goals: – All traffic from inside to outside must
pass through the firewall (physically blocking all access to the local network except via the firewall)
– Only authorized traffic (defined by the local security police) will be allowed to pass
![Page 7: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/7.jpg)
Henric Johnson 7
Firewall Characteristics
• Design goals: – The firewall itself is immune to
penetration (use of trusted system with a secure operating system)
![Page 8: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/8.jpg)
Henric Johnson 8
Firewall Characteristics
• Four general techniques: • Service control
– Determines the types of Internet services that can be accessed, inbound or outbound
• Direction control – Determines the direction in which
particular service requests are allowed to flow
![Page 9: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/9.jpg)
Henric Johnson 9
Firewall Characteristics
• User control – Controls access to a service according to
which user is attempting to access it
• Behavior control – Controls how particular services are
used (e.g. filter e-mail)
![Page 10: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/10.jpg)
Henric Johnson 10
Types of Firewalls
• Three common types of Firewalls: – Packet-filtering routers
– Application-level gateways
– Circuit-level gateways
– (Bastion host)
![Page 11: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/11.jpg)
Henric Johnson 11
Types of Firewalls
• Packet-filtering Router
![Page 12: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/12.jpg)
Henric Johnson 12
Types of Firewalls
• Packet-filtering Router – Applies a set of rules to each incoming
IP packet and then forwards or discards the packet
– Filter packets going in both directions – The packet filter is typically set up as a
list of rules based on matches to fields in the IP or TCP header
– Two default policies (discard or forward)
![Page 13: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/13.jpg)
Henric Johnson 13
Types of Firewalls
• Advantages: – Simplicity – Transparency to users – High speed
• Disadvantages: – Difficulty of setting up packet filter
rules – Lack of Authentication
![Page 14: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/14.jpg)
Henric Johnson 14
Types of Firewalls
• Possible attacks and appropriate countermeasures – IP address spoofing
– Source routing attacks
– Tiny fragment attacks
![Page 15: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/15.jpg)
Henric Johnson 15
Types of Firewalls
• Application-level Gateway
![Page 16: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/16.jpg)
Henric Johnson 16
Types of Firewalls
• Application-level Gateway – Also called proxy server
– Acts as a relay of application-level traffic
![Page 17: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/17.jpg)
Henric Johnson 17
Types of Firewalls
• Advantages: – Higher security than packet filters
– Only need to scrutinize a few allowable applications
– Easy to log and audit all incoming traffic
• Disadvantages: – Additional processing overhead on each
connection (gateway as splice point)
![Page 18: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/18.jpg)
Henric Johnson 18
Types of Firewalls
• Circuit-level Gateway
![Page 19: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/19.jpg)
Henric Johnson 19
Types of Firewalls
• Circuit-level Gateway – Stand-alone system or
– Specialized function performed by an Application-level Gateway
– Sets up two TCP connections
– The gateway typically relays TCP segments from one connection to the other without examining the contents
![Page 20: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/20.jpg)
Henric Johnson 20
Types of Firewalls
• Circuit-level Gateway – The security function consists of
determining which connections will be allowed
– Typically use is a situation in which the system administrator trusts the internal users
– An example is the SOCKS package
![Page 21: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/21.jpg)
Henric Johnson 21
Types of Firewalls
• Bastion Host – A system identified by the firewall
administrator as a critical strong point in the network´s security
– The bastion host serves as a platform for an application-level or circuit-level gateway
![Page 22: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/22.jpg)
Henric Johnson 22
Firewall Configurations
• In addition to the use of simple configuration of a single system (single packet filtering router or single gateway), more complex configurations are possible
• Three common configurations
![Page 23: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/23.jpg)
Henric Johnson 23
Firewall Configurations
• Screened host firewall system (single-homed bastion host)
![Page 24: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/24.jpg)
Henric Johnson 24
Firewall Configurations
• Screened host firewall, single-homed bastion configuration
• Firewall consists of two systems: – A packet-filtering router
– A bastion host
![Page 25: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/25.jpg)
Henric Johnson 25
Firewall Configurations
• Configuration for the packet-filtering router: – Only packets from and to the bastion
host are allowed to pass through the router
• The bastion host performs authentication and proxy functions
![Page 26: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/26.jpg)
Henric Johnson 26
Firewall Configurations
• Greater security than single configurations because of two reasons: – This configuration implements both
packet-level and application-level filtering (allowing for flexibility in defining security policy)
– An intruder must generally penetrate two separate systems
![Page 27: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/27.jpg)
Henric Johnson 27
Firewall Configurations
• This configuration also affords flexibility in providing direct Internet access (public information server, e.g. Web server)
![Page 28: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/28.jpg)
Henric Johnson 28
Firewall Configurations
• Screened host firewall system (dual-homed bastion host)
![Page 29: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/29.jpg)
Henric Johnson 29
Firewall Configurations
• Screened host firewall, dual-homed bastion configuration – The packet-filtering router is not
completely compromised
– Traffic between the Internet and other hosts on the private network has to flow through the bastion host
![Page 30: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/30.jpg)
Henric Johnson 30
Firewall Configurations
• Screened-subnet firewall system
![Page 31: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/31.jpg)
Henric Johnson 31
Firewall Configurations
• Screened subnet firewall configuration – Most secure configuration of the three
– Two packet-filtering routers are used
– Creation of an isolated sub-network
![Page 32: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/32.jpg)
Henric Johnson 32
Firewall Configurations
• Advantages: – Three levels of defense to thwart
intruders
– The outside router advertises only the existence of the screened subnet to the Internet (internal network is invisible to the Internet)
![Page 33: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/33.jpg)
Henric Johnson 33
Firewall Configurations
• Advantages: – The inside router advertises only the
existence of the screened subnet to the internal network (the systems on the inside network cannot construct direct routes to the Internet)
![Page 34: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/34.jpg)
Henric Johnson 34
Trusted Systems
• One way to enhance the ability of a system to defend against intruders and malicious programs is to implement trusted system technology
![Page 35: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/35.jpg)
Henric Johnson 35
Data Access Control
• Through the user access control procedure (log on), a user can be identified to the system
• Associated with each user, there can be a profile that specifies permissible operations and file accesses
• The operation system can enforce rules based on the user profile
![Page 36: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/36.jpg)
Henric Johnson 36
Data Access Control
• General models of access control: – Access matrix
– Access control list
– Capability list
![Page 37: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/37.jpg)
Henric Johnson 37
Data Access Control
• Access Matrix
![Page 38: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/38.jpg)
Henric Johnson 38
Data Access Control
• Access Matrix: Basic elements of the model – Subject: An entity capable of accessing
objects, the concept of subject equates with that of process
– Object: Anything to which access is controlled (e.g. files, programs)
– Access right: The way in which an object is accessed by a subject (e.g. read, write, execute)
![Page 39: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/39.jpg)
Henric Johnson 39
Data Access Control
• Access Control List: Decomposition of the matrix by columns
![Page 40: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/40.jpg)
Henric Johnson 40
Data Access Control
• Access Control List – An access control list lists users and
their permitted access right
– The list may contain a default or public entry
![Page 41: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/41.jpg)
Henric Johnson 41
Data Access Control
• Capability list: Decomposition of the matrix by rows
![Page 42: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/42.jpg)
Henric Johnson 42
Data Access Control
• Capability list – A capability ticket specifies authorized
objects and operations for a user
– Each user have a number of tickets
![Page 43: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/43.jpg)
Henric Johnson 43
The Concept of Trusted Systems
• Trusted Systems
– Protection of data and resources on the basis of levels of security (e.g. military)
– Users can be granted clearances to access certain categories of data
![Page 44: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/44.jpg)
Henric Johnson 44
The Concept of Trusted Systems
• Multilevel security
– Definition of multiple categories or levels of data
• A multilevel secure system must enforce: – No read up: A subject can only read an object
of less or equal security level (Simple Security Property)
– No write down: A subject can only write into an object of greater or equal security level (*-Property)
![Page 45: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/45.jpg)
Henric Johnson 45
The Concept of Trusted Systems
• Reference Monitor Concept:
Multilevel security for a data processing system
![Page 46: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/46.jpg)
Henric Johnson 46
The Concept of Trusted Systems
![Page 47: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/47.jpg)
Henric Johnson 47
The Concept of Trusted Systems
• Reference Monitor
– Controlling element in the hardware and operating system of a computer that regulates the access of subjects to objects on basis of security parameters
– The monitor has access to a file (security kernel database)
– The monitor enforces the security rules (no read up, no write down)
![Page 48: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/48.jpg)
Henric Johnson 48
The Concept of Trusted Systems
• Properties of the Reference Monitor
– Complete mediation: Security rules are enforced on every access
– Isolation: The reference monitor and database are protected from unauthorized modification
– Verifiability: The reference monitor’s correctness must be provable (mathematically)
![Page 49: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/49.jpg)
Henric Johnson 49
The Concept of Trusted Systems
• A system that can provide such
verifications (properties) is referred to as a trusted system
![Page 50: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/50.jpg)
Henric Johnson 50
Trojan Horse Defense
• Secure, trusted operating systems are one way to secure against Trojan Horse attacks
![Page 51: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/51.jpg)
Henric Johnson 51
Trojan Horse Defense
![Page 52: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/52.jpg)
Henric Johnson 52
Trojan Horse Defense
![Page 53: Chapter 10mycnis.weebly.com/uploads/4/1/8/7/4187501/chapter_10_-_firewalls.… · Firewall Characteristics •Four general techniques: •Service control –Determines the types of](https://reader034.fdocuments.us/reader034/viewer/2022052020/6033b22348b8c828c423ba6c/html5/thumbnails/53.jpg)
Henric Johnson 53
Recommended Reading
• Chapman, D., and Zwicky, E. Building Internet Firewalls. O’Reilly, 1995
• Cheswick, W., and Bellovin, S. Firewalls and Internet Security: Repelling the Wily Hacker. Addison-Wesley, 2000
• Gasser, M. Building a Secure Computer System. Reinhold, 1988
• Pfleeger, C. Security in Computing. Prentice Hall, 1997