Advanced Security Proxy Technology for High Confidence Networks: Advanced Security Proxies

Abstract

This effort addresses the lack of delivery guarantees for encrypted messages that transit through firewall security devices bridging high data rate networks. Firewalls that can easily and dependably handle these high data rates are the main goal of this effort. Generally, current firewall technology is either high-performance or high-security. Defined here is an architecture for decomposing network protocols into the high-security, authentication/access control portion, and the high-performance, high data rate portion. This architecture, used at the transport layer of the OSI-RM, develops the needed firewall proxy software, with the focus on IP over ATM networks and SSL protocol suites. A prototype firewall was developed here that sustains traffic at rates of up to 540 MBS over a Gigabit Ethernet. This was demonstrated in Aug 01 at a DARPA PI meeting.

Document Details

Document Type: Technical Report
Publication Date: Oct 01, 2002
Accession Number: ADA408610

Entities

People

  • Andrew Purtell
  • Roger Knobbe
  • Stephen Schwab

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Air Force Research Laboratories
  • Application Protocols
  • Authentication
  • Computer Access Control
  • Computer Networks
  • Computing System Architectures
  • Data Transmission
  • Debugging
  • Device Drivers
  • Ethernet
  • Models
  • Network Protocols
  • Networks
  • Operating Systems
  • Packet Filtering
  • Security
  • Web Browsers

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Cybersecurity
  • Systems Analysis and Design