Sciweavers

DSN
2005
IEEE

A Model of Stateful Firewalls and Its Properties

14 years 5 months ago
A Model of Stateful Firewalls and Its Properties
We propose the first model of stateful firewalls. In this model, each stateful firewall has a variable set called the state of the firewall, which is used to store some packets that the firewall has accepted previously and needs to remember in the near future. Each stateful firewall consists of two sections: a stateful section and a stateless section. Upon receiving a packet, the firewall processes it in two steps. In the first step, the firewall augments the packet with an additional field called the tag, and uses the stateful section to compute the value of this field according to the current state of the firewall. In the second step, the firewall compares the packet together with its tag value against a sequence of rules in the stateless section to identify the first rule that the packet matches: the decision of this rule determines the fate of the packet. Our model of stateful firewalls has several favorable properties. First, despite its simplicity, it can express ...
Mohamed G. Gouda, Alex X. Liu
Added 24 Jun 2010
Updated 24 Jun 2010
Type Conference
Year 2005
Where DSN
Authors Mohamed G. Gouda, Alex X. Liu
Comments (0)