9 research outputs found

    A Proposal for Dynamic Access Lists for TCP/IP Packet Filtering

    The use of IP filtering to improve system security is well established and, although limited in what it can achieve, has proved to be efficient and effective. In the design of a security policy there is always a trade-off between usability and security. Restricting access means that legitimate use of the network is prevented; allowing access means illegitimate use may be allowed. Static access lists make finding a balance particularly stark -- we pay the price of decreased security 100% of the time even if the benefit of increased usability is only gained 1% of the time. Dynamic access lists would allow the rules to change for short periods of time, and would allow local changes by non-experts. The network administrator can set basic security guidelines which allow certain basic services only. All other services are restricted, but users are able to request temporary exceptions in order to allow additional access to the network. These exceptions are granted depending on the privileges of the user. This paper covers the following topics: (1) basic introduction to TCP/IP filtering; (2) semantics for dynamic access lists; (3) a proposed protocol for allowing dynamic access; and (4) a method for representing access lists so that dynamic update and look-up can be performed efficiently. Comment: 12 pages. Shortened version appeared in SAICSIT 200

    A Proposed Firewall for Viruses and Steganography Image

    The open communication network, Internet, has problems surrounding the security of the Internet sites, such as hacker intrusion costing organizations a large amount of money and untold losses in productivity; hate groups using the Internet to distribute their malicious works to these sites; and many other types of attacks. Firewall strategies protect Internet sites from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service.

    Universally Composable Firewall Architectures using Trusted Hardware

    Network firewalls are a standard security measure in computer networks that connect to the Internet. Often, ready-to-use firewall appliances are trusted to protect the network from malicious Internet traffic. However, because of their black-box nature, no one can be sure of their exact functionality. We address the possibility of actively compromised firewalls. That is, we consider the possibility that a network firewall might collaborate with an outside adversary to attack the network. To alleviate this threat, we suggest composing multiple firewalls from different suppliers to obtain a secure firewall architecture. We rigorously treat the composition of potentially malicious network firewalls in a formal model based on the Universal Composability framework. Our security assumption is trusted hardware. We show that a serial concatenation of firewalls is insecure even when trusted hardware ensures that no new packages are generated by the compromised firewall. Further, we show that the parallel composition of two firewalls is only secure when the order of packets is not considered. We prove that the parallel composition of three firewalls is insecure, unless a modified trusted hardware is used

    Securización de un centro de gestión de transporte público

    [ES, translated] Public transport is a possible target of cyber attacks. Securing management centers and all communication networks is one of the most relevant applications of cybersecurity. [EN] Public transport is a usual target of cyber attacks. Securing management centers and communication networks is a highly valuable cyber security activity. Ferrer Montilla, I. (2020). Securización de un centro de gestión de transporte público. Universitat Politècnica de València. http://hdl.handle.net/10251/156894 TFG

    Towards Applying Cryptographic Security Models to Real-World Systems

    The cryptographic methodology of formal security analysis usually works in three steps: choosing a security model, describing a system and its intended security properties, and creating a formal proof of security. For basic cryptographic primitives and simple protocols this is a well understood process and is performed regularly. For more complex systems, as they are in use in real-world settings, it is rarely applied, however. In practice, this often leads to missing or incomplete descriptions of the security properties and requirements of such systems, which in turn can lead to insecure implementations and consequent security breaches. One of the main reasons for the lack of application of formal models in practice is that they are particularly difficult to use and to adapt to new use cases. With this work, we therefore aim to investigate how cryptographic security models can be used to argue about the security of real-world systems. To this end, we perform case studies of three important types of real-world systems: data outsourcing, computer networks and electronic payment. First, we give a unified framework to express and analyze the security of data outsourcing schemes. Within this framework, we define three privacy objectives: data privacy, query privacy, and result privacy. We show that data privacy and query privacy are independent concepts, while result privacy is consequential to them. We then extend our framework to allow the modeling of integrity for the specific use case of file systems. To validate our model, we show that existing security notions can be expressed within our framework and we prove the security of CryFS, a cryptographic cloud file system. Second, we introduce a model, based on the Universal Composability (UC) framework, in which computer networks and their security properties can be described. We extend it to incorporate time, which cannot be expressed in the basic UC framework, and give formal tools to facilitate its application. For validation, we use this model to argue about the security of architectures of multiple firewalls in the presence of an active adversary. We show that a parallel composition of firewalls exhibits strictly better security properties than other variants. Finally, we introduce a formal model for the security of electronic payment protocols within the UC framework. Using this model, we prove a set of necessary requirements for secure electronic payment. Based on these findings, we discuss the security of current payment protocols and find that most are insecure. We then give a simple payment protocol inspired by chipTAN and photoTAN and prove its security within our model. We conclude that cryptographic security models can indeed be used to describe the security of real-world systems. They are, however, difficult to apply and always need to be adapted to the specific use case.

    Stunpede: um sistema P2P para conectividade fim-a-fim transparente na internet usando túneis IPV6-sobre-UDP

    Advisor: Elias P. Duarte Jr. Dissertation (master's) - Universidade Federal do Paraná, Setor de Ciências Exatas, Programa de Pós-Graduação em Informática. Defense: Curitiba, 2008. Includes bibliography.

    On Provable Security for Complex Systems

    We investigate the contribution of cryptographic proofs of security to a systematic security engineering process. To this end we study how to model and prove security for concrete applications in three practical domains: computer networks, data outsourcing, and electronic voting. We conclude that cryptographic proofs of security can benefit a security engineering process in formulating requirements, influencing design, and identifying constraints for the implementation

    A Reference Model for Firewall Technology and its Implications for Connection Signaling

    This paper concentrates on one particular aspect of providing communication security: firewalls between domains of trust. We argue that signaling support for providing scalable security services is a design requirement. On this basis we outline a reference model for firewall technology. It captures the current state of the art and proves suitable for connection-oriented high-performance networks. The architecture is an improvement in network management and provides a controlled exposure of the internal network structure to the outside, and transparency to the user. Its components are endpoint authentication, call admission control, connection authentication, audit, and a distributed architecture with centralized policy. The paper discusses implications of this reference model for the design of signaling protocols.