Volume 1 : Number 1 : Paper 4 |
|
June 1998 Special Issue of Best Papers presented at CLEI'96. Bogota
|
Title:
Firewall Monitoring
Authors and Affiliations:
Ernst L. Leiss, Department of Computer Science, University of Houston, TX 77204, USA
Jianyu You, NEC Systems Laboratory, Irving, Texas, USA
Abstract:
Securing resources against unauthorized access and/or use is a major concern of every organization that uses computer networks. To protect internal networks from external attacks, firewalls are utilized since they restrict network access while letting legitimate users have unencumbered access. Firewalls are also used to log security auditing information about connections and operations. We describe a monitor database gateway (MDBG) designed and implemented to replace older forms of firewall logging by a database system. SQL commands can be used to retrieve logged information instead of ad-hoc scripts. The database application allows secure access from other components of a firewall through the Kerberos authentication as well as other authentication methods. If the underlying database changes, only a small portion of the MDBG must be modified: the code for the other components of the firewall remains unaffected.
|
Received March 1997, Revised September 1997
Full paper, 19 pages
[
PDF, 983 Kb ]
|
|
|
|
