See this document in CiteSeerX!

Design of a High-Performance ATM Firewall (1998)  (Make Corrections)  (5 citations)
Jun Xu, Mukesh Singhal
ACM Transactions on Information and System Security



  Home/Search   Context   Related

 
View or download:
utah.edu/~cs6935/s00/xu.pdf
Cached:  PS.gz  PS  PDF   Image  Update  Help

From:  utah.edu/~cs6935/ (more)
(Enter author homepages)

Rate this article: (best)
  Comment on this article  
(Enter summary)

Abstract: this paper we present the hardware design of a high-speed ATM firewall that does not require the termination of an end-to-end connection in the middle. We propose a novel firewall design philosophy, called Quality of Firewalling (QoF), that applies security measures of different strength to traffic with different risk levels and show how it can be implemented in our firewall. Compared with the traditional firewalls, this ATM firewall performs exactly the same packet-level filtering without... (Update)

Context of citations to this paper:   More

...control at the application level is not considered. Only a small part of the proposal has been implemented. The second approach [11] is the most complete architecture being currently proposed. This solution provides many improvements in comparison with the Storagetek...

...header of IP packets to block unsafe packets while allowing the safe packets to pass. We use a scheme called last cell hostage (LCH) [18] in our firewall switch to reduce the latency incurred by packet filtering. Two performance boosting schemes used in ATLAS, namely,...

Cited by:   More
Design and Implementation of a Full Bandwidth ATM.. - Paul, Laurent.. (2001)   (Correct)
A Firewalling Scheme for Securing MPOA-based Enterprise Networks - Jun Xu And   (Correct)
Design and Evaluation of a High-Performance ATM Firewall Switch .. - Xu, Singhal   (Correct)

Active bibliography (related documents):   More   All
0.5:   A Novel Cache Architecture to Support Layer-Four Packet.. - Xu, Singhal, Degroat (2000)   (Correct)
0.5:   An FPGA-Based Coprocessor for ATM Firewalls - John Mchenry (1997)   (Correct)
0.2:   A Reference Model for Firewall Technology and its Implications .. - Lyles, Schuba (1996)   (Correct)

Similar documents based on text:   More   All
0.4:   Thinking about Firewalls - Ranum (1994)   (Correct)
0.4:   A Formal Model for Firewall Testing - Vigna   (Correct)
0.4:   Firewall Penetration Testing - Haeni (1997)   (Correct)

Related documents from co-citation:   More   All
5:   Atlas Policy Cache Architecture (context) - Kowalski - 1997
3:   Firewalls: Don't Get Burned (context) - Newman, Holzbaur et al. - 1997
2:   High Speed Policy-based Packet Forwarding Using Efficient Multi-dimensional Rang.. - Lakshman, Stiliadis - 1998

BibTeX entry:   (Update)

J. Xu, M. Singhal, Design of a high-performance ATM Firewall, in proc. of the 5th ACM Conference on Computer & Communications Security, 1998. http://citeseer.ist.psu.edu/xu98design.html   More

@article{ xu99design,
    author = "Jun Xu and Mukesh Singhal",
    title = "Design of a High-Performance {ATM} Firewall",
    journal = "ACM Transactions on Information and System Security",
    volume = "2",
    number = "3",
    pages = "269--294",
    year = "1999",
    url = "citeseer.ist.psu.edu/xu98design.html" }
Citations (may not include all citations):
412   Security architecture for the Internet protocol (context) - KENT, AND
221   An analysis of tcp processing overhead (context) - CLARK, JACOBSON et al. - 1989
138   Packet trains: Measurements and a new model for computer net.. (context) - JAIN, AND - 1986
124   Internet Security Association and Key Management Protocol - MAUGHAN - 1998
111   Firewalls and Internet Security: Repelling the Wily Hacker (context) - CHESWICK, AND - 1994
105   IP authentications header (context) - KENT, AND
78   Security problems in the tcp/ip protocol suite - BELLOVIN - 1989
70   Building Internet Firewalls (context) - CHAPMAN, AND - 1995
58   IP encapsulating security payload (context) - KENT, AND
24   Internet traffic characterization - CLAFFY - 1994
19   ATM Switching Systems (context) - CHEN, AND - 1995
17   ATM: Solutions for Enterprise Internetworking (context) - GINSBURG - 1996
8   Security considerations for IP fragment filtering (context) - ZIEMBA, REED et al. - 1995
5   Requirements and methodology for authenticated signalling (context) - SMITH - 1994
2   Requirements for secure packet-level access over atm (context) - HUGHES, AND - 1995
2   A high speed firewall architecture for atm/oc-3c (context) - HUGHES - 1996
2   Draft Standard for A High-Speed Memory Interface (context) - SOCIETY - 1996
1   TCP SYN flooding attack and the firewall-1 SYNDefender (context) - INC - 1996
1   SONET and T1 (context) - BLACK - 1996
1   Performance modeling of multiprocessor implementations of pr.. (context) - BJRKMAN, AND - 1998
1   Design and evaluation of an atm firewall switch and its appl.. (context) - XU, AND
1   CAM tutorial (context) - SEMICONDUCTORS - 1998
1   Singhal ACM Transactions on Information and System Security (context) - February, July et al. - 1999

Documents on the same site (http://www2.cs.utah.edu/~cs6935/):   More
Defending Against Denial of Service Attacks in Scout - Spatscheck, Peterson (1999)   (Correct)
Self-Paging in the Nemesis Operating System - Hand (1999)   (Correct)
IO-Lite: A Unified I/O Buffering and Caching System - Pai, Druschel, Zwaenepoel (1997)   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC