Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - RSVP as firewall signalling protocol
AU - Roedig, Utz
AU - Goertz, Manuel
AU - Karsten, Martin
AU - Steinmetz, Ralf
PY - 2001/7/3
Y1 - 2001/7/3
N2 - Within a global networked environment, security aspects have become more and more important and access control at network borders is considered essential. For this purpose firewall systems are used which provide a well-established security mechanism to restrict the exchanged traffic to a certain subset of users and applications. In order to cope with the increasing demand for new applications, a firewall must be flexible and extensible to support such new applications and their protocols. RSVP is a dynamic signalling protocol, which has been invented to negotiate resource requirements between end systems and a packet-based communication network. In this paper, we investigate the interoperation of RSVP with a firewall system in order to support new applications in a generic way. We show how the resulting system flexibility allows for a variety of employment scenarios and incremental deployment of such a technology. We back up our claims by describing a prototype that we have implemented.
AB - Within a global networked environment, security aspects have become more and more important and access control at network borders is considered essential. For this purpose firewall systems are used which provide a well-established security mechanism to restrict the exchanged traffic to a certain subset of users and applications. In order to cope with the increasing demand for new applications, a firewall must be flexible and extensible to support such new applications and their protocols. RSVP is a dynamic signalling protocol, which has been invented to negotiate resource requirements between end systems and a packet-based communication network. In this paper, we investigate the interoperation of RSVP with a firewall system in order to support new applications in a generic way. We show how the resulting system flexibility allows for a variety of employment scenarios and incremental deployment of such a technology. We back up our claims by describing a prototype that we have implemented.
U2 - 10.1109/ISCC.2001.935355
DO - 10.1109/ISCC.2001.935355
M3 - Conference contribution/Paper
SN - 0769511775
SP - 57
EP - 62
BT - Proceedings of the 6th IEEE Symposium on Computers and Communications, Hammamet, Tunisia
PB - IEEE Computer Society Press
ER -