Firewalls – Packet Filters,Circuit Level Gateway,Application Level Gateway (or Proxy),Bastion Host,Access Control,Bell–LaPadula Model (BLP) ,Trusted Computer Systems,Reference Monitor,Common Criteria(CC)

1. NETWORK SECURITY
Name of the Staff : M.FLORENCE DAYANA M.C.A.,M.Phil.,(Ph.D).,
Head, Dept. of CA
Bon Secours College For Women
Thanjavur.
Class : II MSc., CS
Semester : III
Unit : V
Topic : Firewalls
2/15/2019 1

2. What is a Firewall?
1. a firewall is a network security system that monitors and
controls the incoming and outgoing network traffic based on
predetermined security rules.
A firewall is a system designed to prevent
unauthorized access to or from a private network. Firewalls
can be implemented in both hardware and software, or a
combination of both.
Firewalls are frequently used to prevent unauthorized Internet
users from accessing private networks connected to the
Internet, especially intranets.

3. • Three common types of firewalls:
1. packet filters
2. circuit-level gateways.
3.application-level gateways
• Packet filtering is a firewall technique used to control
network access by monitoring outgoing and incoming
packets and allowing them to pass or halt based on the
source and destination Internet Protocol (IP) addresses,
protocols and ports.

4. • If a packet does not match the packet filter's set of filtering
rules, the packet filter will drop (silently discard) the packet or
reject it (discard it, and send "error responses" to the source).
• Conversely, if the packet matches one or more of the
programmed filters, the packet is allowed to pass.
• Packet filtering firewalls work mainly on the first three layers
of the OSI reference model, which means most of the work is
done between the network and physical layers, with a little bit
of peeking into the transport layer to figure out source and
destination port numbers.

5. Firewalls – Packet Filters
A packet-filtering router
applies a set of rules to each
incoming and outgoing IP
packet to forward or discard
the packet.
Filtering rules are based
on information contained in a
network packet such as src &
dest IP addresses, ports,
transport protocol & interface.
Some advantages are
simplicity, transparency &
speed.

6. Attacks on Packet Filters
IP address spoofing
– IP address spoofing or IP spoofing is the creation of Internet Protocol (IP)
packets with a false source IP address, for the purpose of hiding the
identity of the sender or impersonating another computing system.
source routing attacks
– The attacker sends an IP packet and uses the response from your
network to get information about the operating system of the target
computer or network device.
Tiny fragment attacks
– A Tiny Fragment attack is IP fragmentation that is the process of
breaking up a single Internet Protocol (IP) datagram into multiple packets
of smaller size. Every network link has a characteristic size of messages
that may be transmitted, called the maximum transmission unit (MTU).

8. Firewalls – 2. Circuit Level Gateway
• .

9. Firewalls - Circuit Level Gateway

10. Firewalls – 3. Application Level Gateway (or Proxy)
• An application gateway or application level gateway (ALG) is a
firewall proxy which provides network security.
• A proxy server is a dedicated computer or a software system
running on a computer that acts as an intermediary between an
endpoint device, such as a computer, and another server from
which a user or client is requesting a service.
• The proxy server may exist in the same machine as a firewall
server or it may be on a separate server, which forwards
requests through the firewall.

11. Firewalls - Application Level Gateway
(or Proxy)

12. Differentiation

13. Bastion Host
• A bastion host is a gateway between an inside network and an
outside network. Used as a security measure, the bastion host
is designed to defend against attacks aimed at the inside
network.
• A bastion host is a system identified by the firewall
administrator as a critical strong point in the network's
security.

17. Access Control
• ACLs are essentially rules written out that determine whether
network access should be granted or rejected to specific IP
addresses
• given system has identified a user
• determine what resources they can access
• is a list of permissions attached to an object
• the basic elements of which are:
• • Subject: An entity (typically a process) capable of
accessing objects
• • Object: Anything to which access is controlled,
– eg files, portions of files, programs, memory segments
• For instance, if a file object has an ACL that contains (Alice:
read,write; Bob: read), this would give Alice permission to read
and write the file and Bob to only read it.

19. The Bell–LaPadula Model (BLP) is a state
machine model used for enforcing access
control in government and military
applications. ...
The model is a formal state transition
model of computer security policy that
describes a set of access control rules
which use security labels on objects and
clearances for subjects.

20. Bell LaPadula (BLP) Model

22. Trusted Computer System Evaluation
Criteria (TCSEC) is a United States
Government Department of Defense
(DoD) standard that sets basic
requirements for assessing the
effectiveness of computer security
controls built into a computer system.
This is known as multilevel security.
A system that can be proved to enforce
this is referred to as a trusted system.

23. Trusted Computer Systems
• This is commonly found in the military where
information is categorized as unclassified (U),
confidential (C), secret (S), top secret (TS), or
higher.
• Here subjects (people or programs) have varying
rights of access to objects (information) based on
their classifications.

24. Reference Monitor
In operating systems
architecture, a reference
monitor is a secure, always-
used and fully-testable module
that controls all software access
to data objects or devices.
A reference monitor concept
defines a set of design
requirements on a reference
validation mechanism, which
enforces an access control policy
over subjects’ (e.g., processes
and users) ability to perform
operations (e.g., read and write)
on objects (e.g., files and sockets)
on a system.

25. For example, Windows 3.x and 9x operating
systems were not built with a reference
monitor, but it was added to Windows starting
with Windows NT

26. Common Criteria(CC)
• Common Criteria is a framework in which computer
system users can specify their
security functional and assurance requirement.
• The CC defines a common set of potential security
requirements for use in evaluation
• The term target of evaluation (TOE) refers to that
part of the product or system that is subject to
evaluation.

27. Common Criteria
• specifies standards for
– evaluation criteria
– methodology for application of criteria
–administrative procedures for evaluation,
– certification and accreditation schemes

28. Common Criteria Requirements
• Functional Requirements
– security audit, crypto support, communications,
user data protection, identification &
authentication, security management, privacy,
protection of trusted security functions,
resource utilization, TOE access, trusted path
• Assurance Requirements
– configuration management, delivery & operation,
development, guidance documents, life cycle
support, tests, vulnerability assessment, assurance
maintenance

29. Common Criteria
CC defines two kinds of documents
the relationship between requirements and profiles and targets.

30. • Protection profiles (PPs): define an implementation-
independent reusable set of security requirements and
objectives for a category of products or systems that meet
similar consumer needs for IT security, reflecting user security
requirements
• • Security targets (STs): contain the IT security objectives and
requirements of a specific identified TOE and defines the
functional and assurance measures offered by that TOE to
meet stated requirements, and forms the basis for an
evaluation

31. Common Criteria
Figure shows the security functional requirements
paradigm. It is based on the reference monitor concept but
makes use of the terminology and design philosophy of the
CC.